From c8e0194abd2d95a711f2f46b6b9fe6cc92f0bf0a Mon Sep 17 00:00:00 2001
From: valentijnscholten <4426050+valentijnscholten@users.noreply.github.com>
Date: Wed, 4 Mar 2026 16:39:35 +0000
Subject: [PATCH] Update sample data

---
 dojo/fixtures/defect_dojo_sample_data.json    | 3306 +++++-----
 .../defect_dojo_sample_data_locations.json    | 5322 ++++++++---------
 2 files changed, 4314 insertions(+), 4314 deletions(-)

diff --git a/dojo/fixtures/defect_dojo_sample_data.json b/dojo/fixtures/defect_dojo_sample_data.json
index c673a6dcedb..bb1e0ada9ce 100644
--- a/dojo/fixtures/defect_dojo_sample_data.json
+++ b/dojo/fixtures/defect_dojo_sample_data.json
@@ -18,7 +18,7 @@
   },
   {
     "fields": {
-      "date_joined": "2022-07-06T07:59:51Z",
+      "date_joined": "2025-07-03T00:39:24Z",
       "email": "",
       "first_name": "",
       "groups": [],
@@ -545,7 +545,7 @@
     "fields": {
       "acronym": "HIPAA",
       "category": "medical",
-      "description": "The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was enacted by the United States Congress and signed by President Bill Clinton in 1996. It has been known as the Kennedy–Kassebaum Act or Kassebaum-Kennedy Act after two of its leading sponsors. Title I of HIPAA protects health insurance coverage for workers and their families when they change or lose their jobs. Title II of HIPAA, known as the Administrative Simplification (AS) provisions, requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers.",
+      "description": "The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was enacted by the United States Congress and signed by President Bill Clinton in 1996. It has been known as the Kennedy\u2013Kassebaum Act or Kassebaum-Kennedy Act after two of its leading sponsors. Title I of HIPAA protects health insurance coverage for workers and their families when they change or lose their jobs. Title II of HIPAA, known as the Administrative Simplification (AS) provisions, requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers.",
       "jurisdiction": "United States",
       "name": "Health Insurance Portability and Accountability Act",
       "reference": "http://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act"
@@ -569,9 +569,9 @@
     "fields": {
       "acronym": "SOX",
       "category": "finance",
-      "description": "The Sarbanes–Oxley Act of 2002 (SOX) is a United States federal law that set new or enhanced standards for all U.S. public company boards, management and public accounting firms. There are also a number of provisions of the Act that also apply to privately held companies, for example the willful destruction of evidence to impede a Federal investigation.",
+      "description": "The Sarbanes\u2013Oxley Act of 2002 (SOX) is a United States federal law that set new or enhanced standards for all U.S. public company boards, management and public accounting firms. There are also a number of provisions of the Act that also apply to privately held companies, for example the willful destruction of evidence to impede a Federal investigation.",
       "jurisdiction": "United States",
-      "name": "Sarbanes–Oxley Act",
+      "name": "Sarbanes\u2013Oxley Act",
       "reference": "http://en.wikipedia.org/wiki/Sarbanes%E2%80%93Oxley_Act"
     },
     "model": "dojo.regulation",
@@ -581,9 +581,9 @@
     "fields": {
       "acronym": "GLBA",
       "category": "finance",
-      "description": "The Gramm–Leach–Bliley Act (GLBA) is an act of the 106th United States Congress. It repealed part of the Glass–Steagall Act of 1933, removing barriers in the market among banking companies, securities companies and insurance companies that prohibited any one institution from acting as any combination of an investment bank, a commercial bank, and an insurance company. With the bipartisan passage of the Gramm–Leach–Bliley Act, commercial banks, investment banks, securities firms, and insurance companies were allowed to consolidate. Furthermore, it failed to give to the SEC or any other financial regulatory agency the authority to regulate large investment bank holding companies.",
+      "description": "The Gramm\u2013Leach\u2013Bliley Act (GLBA) is an act of the 106th United States Congress. It repealed part of the Glass\u2013Steagall Act of 1933, removing barriers in the market among banking companies, securities companies and insurance companies that prohibited any one institution from acting as any combination of an investment bank, a commercial bank, and an insurance company. With the bipartisan passage of the Gramm\u2013Leach\u2013Bliley Act, commercial banks, investment banks, securities firms, and insurance companies were allowed to consolidate. Furthermore, it failed to give to the SEC or any other financial regulatory agency the authority to regulate large investment bank holding companies.",
       "jurisdiction": "United States",
-      "name": "Gramm–Leach–Bliley Act",
+      "name": "Gramm\u2013Leach\u2013Bliley Act",
       "reference": "http://en.wikipedia.org/wiki/Gramm%E2%80%93Leach%E2%80%93Bliley_Act"
     },
     "model": "dojo.regulation",
@@ -678,7 +678,7 @@
       "acronym": "GDPR",
       "category": "privacy",
       "description": "The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). It also addresses the export of personal data outside the EU and EEA. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.\r\n\r\nSuperseding the Data Protection Directive 95/46/EC, the regulation contains provisions and requirements pertaining to the processing of personally identifiable information of data subjects inside the European Union, and applies to all enterprises, regardless of location, that are doing business with the European Economic Area. Business processes that handle personal data must be built with data protection by design and by default, meaning that personal data must be stored using pseudonymisation or full anonymisation, and use the highest-possible privacy settings by default, so that the data is not available publicly without explicit consent, and cannot be used to identify a subject without additional information stored separately. No personal data may be processed unless it is done under a lawful basis specified by the regulation, or if the data controller or processor has received explicit, opt-in consent from the data's owner. The data owner has the right to revoke this permission at any time.",
-      "jurisdiction": "EU \u0026 EU Data Extra-Territorial Applicability",
+      "jurisdiction": "EU & EU Data Extra-Territorial Applicability",
       "name": "General Data Protection Regulation",
       "reference": "https://www.eugdpr.org/"
     },
@@ -2603,7 +2603,7 @@
       "async_updating": false,
       "business_criticality": "high",
       "created": null,
-      "description": "Accounting software is typically composed of various modules, different sections dealing with particular areas of accounting. Among the most common are:\r\n\r\n**Core modules**\r\n\r\n* Accounts receivable—where the company enters money received\r\n* Accounts payable—where the company enters its bills and pays money it owes\r\n* General ledger—the company's \"books\"\r\n* Billing—where the company produces invoices to clients/customers",
+      "description": "Accounting software is typically composed of various modules, different sections dealing with particular areas of accounting. Among the most common are:\r\n\r\n**Core modules**\r\n\r\n* Accounts receivable\u2014where the company enters money received\r\n* Accounts payable\u2014where the company enters its bills and pays money it owes\r\n* General ledger\u2014the company's \"books\"\r\n* Billing\u2014where the company produces invoices to clients/customers",
       "disable_sla_breach_notifications": false,
       "enable_full_risk_acceptance": true,
       "enable_product_tag_inheritance": false,
@@ -2774,8 +2774,8 @@
       "source_code_management_uri": null,
       "status": "In Progress",
       "tags": [],
-      "target_end": "2022-07-05",
-      "target_start": "2022-07-05",
+      "target_end": "2025-07-01",
+      "target_start": "2025-07-01",
       "test_strategy": null,
       "threat_model": true,
       "tmodel_path": "none",
@@ -2821,8 +2821,8 @@
       "source_code_management_uri": null,
       "status": "Completed",
       "tags": [],
-      "target_end": "2022-07-05",
-      "target_start": "2022-07-05",
+      "target_end": "2025-07-01",
+      "target_start": "2025-07-01",
       "test_strategy": "",
       "threat_model": true,
       "tmodel_path": "none",
@@ -2868,8 +2868,8 @@
       "source_code_management_uri": null,
       "status": "Completed",
       "tags": [],
-      "target_end": "2022-06-27",
-      "target_start": "2022-06-26",
+      "target_end": "2025-06-23",
+      "target_start": "2025-06-22",
       "test_strategy": null,
       "threat_model": true,
       "tmodel_path": "none",
@@ -2915,8 +2915,8 @@
       "source_code_management_uri": null,
       "status": "Completed",
       "tags": [],
-      "target_end": "2022-11-15",
-      "target_start": "2022-11-08",
+      "target_end": "2025-11-11",
+      "target_start": "2025-11-04",
       "test_strategy": "",
       "threat_model": false,
       "tmodel_path": "none",
@@ -2964,8 +2964,8 @@
       "tags": [
         "pci"
       ],
-      "target_end": "2023-01-31",
-      "target_start": "2023-01-24",
+      "target_end": "2026-01-27",
+      "target_start": "2026-01-20",
       "test_strategy": "",
       "threat_model": false,
       "tmodel_path": "none",
@@ -3009,8 +3009,8 @@
       "source_code_management_uri": null,
       "status": "",
       "tags": [],
-      "target_end": "2022-11-08",
-      "target_start": "2022-11-08",
+      "target_end": "2025-11-04",
+      "target_start": "2025-11-04",
       "test_strategy": null,
       "threat_model": true,
       "tmodel_path": "none",
@@ -3056,8 +3056,8 @@
       "source_code_management_uri": null,
       "status": "Not Started",
       "tags": [],
-      "target_end": "2023-01-01",
-      "target_start": "2022-12-25",
+      "target_end": "2025-12-28",
+      "target_start": "2025-12-21",
       "test_strategy": "",
       "threat_model": false,
       "tmodel_path": "none",
@@ -3105,8 +3105,8 @@
       "tags": [
         "pci"
       ],
-      "target_end": "2022-11-09",
-      "target_start": "2022-11-09",
+      "target_end": "2025-11-05",
+      "target_start": "2025-11-05",
       "test_strategy": "",
       "threat_model": false,
       "tmodel_path": "none",
@@ -3152,8 +3152,8 @@
       "source_code_management_uri": null,
       "status": "Blocked",
       "tags": [],
-      "target_end": "2023-01-07",
-      "target_start": "2023-01-04",
+      "target_end": "2026-01-03",
+      "target_start": "2025-12-31",
       "test_strategy": "",
       "threat_model": false,
       "tmodel_path": "none",
@@ -3199,8 +3199,8 @@
       "source_code_management_uri": "https://github.com/psiinon/bodgeit",
       "status": "Completed",
       "tags": [],
-      "target_end": "2022-11-16",
-      "target_start": "2022-11-09",
+      "target_end": "2025-11-12",
+      "target_start": "2025-11-05",
       "test_strategy": null,
       "threat_model": false,
       "tmodel_path": "none",
@@ -3244,8 +3244,8 @@
       "source_code_management_uri": null,
       "status": "In Progress",
       "tags": [],
-      "target_end": "2022-11-09",
-      "target_start": "2022-11-09",
+      "target_end": "2025-11-05",
+      "target_start": "2025-11-05",
       "test_strategy": null,
       "threat_model": false,
       "tmodel_path": "none",
@@ -3645,8 +3645,8 @@
       "percent_complete": 100,
       "scan_type": null,
       "tags": [],
-      "target_end": "2022-03-04T00:00:00Z",
-      "target_start": "2022-02-23T00:00:00Z",
+      "target_end": "2025-02-28T16:39:33Z",
+      "target_start": "2025-02-19T16:39:33Z",
       "test_type": 1,
       "title": null,
       "updated": null,
@@ -3674,8 +3674,8 @@
       "percent_complete": 100,
       "scan_type": null,
       "tags": [],
-      "target_end": "2022-03-27T01:00:00Z",
-      "target_start": "2022-03-26T01:00:00Z",
+      "target_end": "2025-03-23T17:39:33Z",
+      "target_start": "2025-03-22T17:39:33Z",
       "test_type": 1,
       "title": null,
       "updated": null,
@@ -3701,8 +3701,8 @@
       "percent_complete": 100,
       "scan_type": null,
       "tags": [],
-      "target_end": "2022-03-04T00:00:00Z",
-      "target_start": "2022-02-23T00:00:00Z",
+      "target_end": "2025-02-28T16:39:33Z",
+      "target_start": "2025-02-19T16:39:33Z",
       "test_type": 1,
       "title": null,
       "updated": null,
@@ -3730,8 +3730,8 @@
       "percent_complete": 100,
       "scan_type": null,
       "tags": [],
-      "target_end": "2022-11-08T00:00:00Z",
-      "target_start": "2022-11-08T00:00:00Z",
+      "target_end": "2025-11-04T16:39:33Z",
+      "target_start": "2025-11-04T16:39:33Z",
       "test_type": 12,
       "title": null,
       "updated": "2022-11-10T06:00:41.489932529Z",
@@ -3759,8 +3759,8 @@
       "percent_complete": 100,
       "scan_type": null,
       "tags": [],
-      "target_end": "2022-11-08T00:00:00Z",
-      "target_start": "2022-11-08T00:00:00Z",
+      "target_end": "2025-11-04T16:39:33Z",
+      "target_start": "2025-11-04T16:39:33Z",
       "test_type": 12,
       "title": null,
       "updated": "2022-11-10T06:02:36.065932529Z",
@@ -3788,8 +3788,8 @@
       "percent_complete": null,
       "scan_type": null,
       "tags": [],
-      "target_end": "2023-01-29T00:00:00Z",
-      "target_start": "2023-01-24T00:00:00Z",
+      "target_end": "2026-01-25T16:39:33Z",
+      "target_start": "2026-01-20T16:39:33Z",
       "test_type": 21,
       "title": null,
       "updated": "2022-11-10T06:25:44.929932529Z",
@@ -3844,8 +3844,8 @@
       "percent_complete": null,
       "scan_type": null,
       "tags": [],
-      "target_end": "2023-01-01T00:00:00Z",
-      "target_start": "2022-12-25T00:00:00Z",
+      "target_end": "2025-12-28T16:39:33Z",
+      "target_start": "2025-12-21T16:39:33Z",
       "test_type": 1,
       "title": null,
       "updated": "2022-11-10T06:42:20.027932529Z",
@@ -3873,8 +3873,8 @@
       "percent_complete": null,
       "scan_type": null,
       "tags": [],
-      "target_end": "2023-01-01T00:00:00Z",
-      "target_start": "2022-12-25T00:00:00Z",
+      "target_end": "2025-12-28T16:39:33Z",
+      "target_start": "2025-12-21T16:39:33Z",
       "test_type": 19,
       "title": null,
       "updated": "2022-11-10T06:42:34.336932529Z",
@@ -3902,8 +3902,8 @@
       "percent_complete": null,
       "scan_type": null,
       "tags": [],
-      "target_end": "2023-01-01T00:00:00Z",
-      "target_start": "2022-12-25T00:00:00Z",
+      "target_end": "2025-12-28T16:39:33Z",
+      "target_start": "2025-12-21T16:39:33Z",
       "test_type": 17,
       "title": null,
       "updated": "2022-11-10T06:42:52.637932529Z",
@@ -3931,8 +3931,8 @@
       "percent_complete": null,
       "scan_type": null,
       "tags": [],
-      "target_end": "2023-01-01T00:00:00Z",
-      "target_start": "2022-12-25T00:00:00Z",
+      "target_end": "2025-12-28T16:39:33Z",
+      "target_start": "2025-12-21T16:39:33Z",
       "test_type": 11,
       "title": null,
       "updated": "2022-11-10T06:43:12.741932529Z",
@@ -3960,8 +3960,8 @@
       "percent_complete": 100,
       "scan_type": null,
       "tags": [],
-      "target_end": "2022-11-09T00:00:00Z",
-      "target_start": "2022-11-09T00:00:00Z",
+      "target_end": "2025-11-05T16:39:33Z",
+      "target_start": "2025-11-05T16:39:33Z",
       "test_type": 17,
       "title": null,
       "updated": "2022-11-11T03:43:46.740932529Z",
@@ -3989,8 +3989,8 @@
       "percent_complete": 100,
       "scan_type": null,
       "tags": [],
-      "target_end": "2022-11-09T00:00:00Z",
-      "target_start": "2022-11-09T00:00:00Z",
+      "target_end": "2025-11-05T16:39:33Z",
+      "target_start": "2025-11-05T16:39:33Z",
       "test_type": 28,
       "title": null,
       "updated": "2022-11-11T03:45:17.376932529Z",
@@ -4018,8 +4018,8 @@
       "percent_complete": 100,
       "scan_type": null,
       "tags": [],
-      "target_end": "2022-11-09T00:00:00Z",
-      "target_start": "2022-11-09T00:00:00Z",
+      "target_end": "2025-11-05T16:39:33Z",
+      "target_start": "2025-11-05T16:39:33Z",
       "test_type": 9,
       "title": null,
       "updated": "2022-11-11T03:46:28.443932529Z",
@@ -4047,8 +4047,8 @@
       "percent_complete": null,
       "scan_type": null,
       "tags": [],
-      "target_end": "2022-11-16T00:00:00Z",
-      "target_start": "2022-11-09T00:00:00Z",
+      "target_end": "2025-11-12T16:39:33Z",
+      "target_start": "2025-11-05T16:39:33Z",
       "test_type": 29,
       "title": null,
       "updated": "2022-11-11T03:53:34.915932529Z",
@@ -4076,8 +4076,8 @@
       "percent_complete": null,
       "scan_type": null,
       "tags": [],
-      "target_end": "2022-11-16T00:00:00Z",
-      "target_start": "2022-11-09T00:00:00Z",
+      "target_end": "2025-11-12T16:39:33Z",
+      "target_start": "2025-11-05T16:39:33Z",
       "test_type": 3,
       "title": null,
       "updated": "2022-11-11T03:53:46.425932529Z",
@@ -4105,8 +4105,8 @@
       "percent_complete": 100,
       "scan_type": null,
       "tags": [],
-      "target_end": "2022-11-09T00:00:00Z",
-      "target_start": "2022-11-09T00:00:00Z",
+      "target_end": "2025-11-05T16:39:33Z",
+      "target_start": "2025-11-05T16:39:33Z",
       "test_type": 30,
       "title": null,
       "updated": "2022-11-11T04:06:28.960932529Z",
@@ -4134,8 +4134,8 @@
       "percent_complete": 100,
       "scan_type": null,
       "tags": [],
-      "target_end": "2022-11-09T00:00:00Z",
-      "target_start": "2022-11-09T00:00:00Z",
+      "target_end": "2025-11-05T16:39:33Z",
+      "target_start": "2025-11-05T16:39:33Z",
       "test_type": 9,
       "title": null,
       "updated": "2022-11-11T07:42:16.411932529Z",
@@ -4154,7 +4154,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": null,
-      "date": "2022-03-26",
+      "date": "2025-03-22",
       "defect_review_requested_by": [
         "admin"
       ],
@@ -4208,7 +4208,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-25",
+      "sla_expiration_date": "2025-04-21",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -4237,7 +4237,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": null,
-      "date": "2022-03-26",
+      "date": "2025-03-22",
       "defect_review_requested_by": [
         "admin"
       ],
@@ -4291,7 +4291,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-25",
+      "sla_expiration_date": "2025-04-21",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -4320,7 +4320,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": null,
-      "date": "2022-03-26",
+      "date": "2025-03-22",
       "defect_review_requested_by": [
         "admin"
       ],
@@ -4374,7 +4374,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-25",
+      "sla_expiration_date": "2025-04-21",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -4403,7 +4403,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": null,
-      "date": "2022-03-26",
+      "date": "2025-03-22",
       "defect_review_requested_by": [
         "admin"
       ],
@@ -4457,7 +4457,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-25",
+      "sla_expiration_date": "2025-04-21",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -4486,7 +4486,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": null,
-      "date": "2022-03-26",
+      "date": "2025-03-22",
       "defect_review_requested_by": [
         "admin"
       ],
@@ -4540,7 +4540,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-25",
+      "sla_expiration_date": "2025-04-21",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -4569,7 +4569,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 1,
-      "date": "2022-03-25",
+      "date": "2025-03-21",
       "defect_review_requested_by": [
         "product_manager"
       ],
@@ -4623,7 +4623,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-24",
+      "sla_expiration_date": "2025-04-20",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -4652,9 +4652,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 89,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -4704,7 +4704,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -4733,9 +4733,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 494,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -4785,7 +4785,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -4814,9 +4814,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 829,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84)\n\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -4866,7 +4866,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -4895,9 +4895,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -4947,7 +4947,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -4976,9 +4976,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5028,7 +5028,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5057,9 +5057,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5109,7 +5109,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5138,9 +5138,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 10706,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5190,7 +5190,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5219,9 +5219,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5271,7 +5271,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5300,9 +5300,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 547,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5352,7 +5352,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5381,9 +5381,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 330,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n",
+      "description": "**Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5433,7 +5433,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5462,9 +5462,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 89,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5514,7 +5514,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5543,9 +5543,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5595,7 +5595,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5624,9 +5624,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\u003c/a\u003e\u003c/td\u003e\u003ctd\u003e\" + type + \"\u003c/td\u003e\u003ctd align=\\\"right\\\"\u003e\" + nf.format(price) + \"\u003c/td\u003e\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"</a></td><td>\" + type + \"</td><td align=\\\"right\\\">\" + nf.format(price) + \"</td>\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5676,7 +5676,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5705,9 +5705,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 329,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5757,7 +5757,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5786,9 +5786,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 182,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5838,7 +5838,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5867,9 +5867,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 646,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5919,7 +5919,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5948,9 +5948,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 547,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6000,7 +6000,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6029,9 +6029,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 89,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6081,7 +6081,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6110,9 +6110,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 244,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6162,7 +6162,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6191,9 +6191,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 338,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6243,7 +6243,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6272,9 +6272,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 501,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6324,7 +6324,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6353,9 +6353,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\u003cbr/\u003e\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\u003cbr/\u003e\" + e);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.<br/>\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.<br/>\" + e);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6405,7 +6405,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6434,9 +6434,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 784,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6486,7 +6486,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6515,9 +6515,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6567,7 +6567,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6596,9 +6596,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6648,7 +6648,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6677,9 +6677,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6729,7 +6729,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6758,9 +6758,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 547,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6810,7 +6810,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6839,9 +6839,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 10706,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6891,7 +6891,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6920,9 +6920,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6972,7 +6972,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7001,9 +7001,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 614,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7053,7 +7053,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7082,9 +7082,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7134,7 +7134,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7163,9 +7163,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** \u003ctd\u003e\u003c%=username%\u003e\u003c/td\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** <td><%=username%></td>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7215,7 +7215,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7244,9 +7244,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 547,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7296,7 +7296,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7325,9 +7325,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 547,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7377,7 +7377,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7406,9 +7406,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7458,7 +7458,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7487,9 +7487,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 494,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7539,7 +7539,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7568,9 +7568,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7620,7 +7620,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7649,9 +7649,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 89,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7701,7 +7701,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7730,9 +7730,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7782,7 +7782,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7811,9 +7811,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7863,7 +7863,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7892,9 +7892,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 315,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7944,7 +7944,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7973,9 +7973,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8025,7 +8025,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8054,9 +8054,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 547,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8106,7 +8106,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8135,9 +8135,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getInt(\"userid\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"name\") +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"<td>\" + rs.getInt(\"userid\") + \"</td><td>\" + rs.getString(\"name\") +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8187,7 +8187,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8216,9 +8216,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 494,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8268,7 +8268,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8297,9 +8297,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8349,7 +8349,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8378,9 +8378,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 244,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8430,7 +8430,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8459,9 +8459,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 494,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8511,7 +8511,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8540,9 +8540,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 384,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8592,7 +8592,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8621,9 +8621,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\u003c/TD\u003e\u003cTD\u003e\" + rs.getString(\"PRICE\") + \"\u003c/TD\u003e\u003c/TR\u003e\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\u003c/TD\u003e\u003cTD\u003e\" + rs.getString(\"PRICE\") + \"\u003c/TD\u003e\u003c/TR\u003e\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\u003cTR\u003e\u003cTD\u003e\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\u003cTR\u003e\u003cTD\u003e\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** \u003c%= output %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"</TD><TD>\" + rs.getString(\"PRICE\") + \"</TD></TR>\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"</TD><TD>\" + rs.getString(\"PRICE\") + \"</TD></TR>\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"<TR><TD>\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"<TR><TD>\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** <%= output %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8673,7 +8673,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8702,9 +8702,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8754,7 +8754,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8783,9 +8783,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 547,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8835,7 +8835,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8864,9 +8864,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8916,7 +8916,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8945,9 +8945,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 10706,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8997,7 +8997,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9026,9 +9026,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 494,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9078,7 +9078,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9107,9 +9107,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\u003c/a\u003e\u003c/td\u003e\u003ctd\u003e\" + type + \"\u003c/td\u003e\u003ctd align=\\\"right\\\"\u003e\" + nf.format(price) + \"\u003c/td\u003e\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"</a></td><td>\" + type + \"</td><td align=\\\"right\\\">\" + nf.format(price) + \"</td>\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9159,7 +9159,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9188,9 +9188,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9240,7 +9240,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9269,9 +9269,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9321,7 +9321,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9350,9 +9350,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9402,7 +9402,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9431,9 +9431,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 494,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9483,7 +9483,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9512,9 +9512,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 494,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9564,7 +9564,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9593,9 +9593,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9645,7 +9645,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9674,9 +9674,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 362,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\u003ctd align=\\\"right\\\"\u003e\" + nf.format(pricetopay) + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"<td align=\\\"right\\\">\" + nf.format(pricetopay) + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9726,7 +9726,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9755,9 +9755,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9807,7 +9807,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9836,9 +9836,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9888,7 +9888,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9917,9 +9917,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \u003cinput type=\"hidden\" id=\"user\" name=\"\u003c%=username%\u003e\" value=\"\"/\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** <input type=\"hidden\" id=\"user\" name=\"<%=username%>\" value=\"\"/>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9969,7 +9969,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9998,9 +9998,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 338,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10050,7 +10050,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10079,9 +10079,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10131,7 +10131,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10160,9 +10160,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10212,7 +10212,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10241,9 +10241,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 494,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10293,7 +10293,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10322,9 +10322,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10374,7 +10374,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10403,9 +10403,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 89,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10455,7 +10455,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10484,9 +10484,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 601,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** \u003ca href=\"javascript:window.location=window.location.href\"\u003eNew Search\u003c/a\u003e\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** \u003ca href=\"javascript:window.location=window.location.href\"\u003eNew Search\u003c/a\u003e\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** <a href=\"javascript:window.location=window.location.href\">New Search</a>\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** <a href=\"javascript:window.location=window.location.href\">New Search</a>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10536,7 +10536,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10565,9 +10565,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 547,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10617,7 +10617,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10646,9 +10646,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10698,7 +10698,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10727,9 +10727,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 330,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10779,7 +10779,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10808,9 +10808,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 829,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \u003c?xml version=\"1.0\" encoding=\"ISO-8859-1\"?\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** <?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10860,7 +10860,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10889,9 +10889,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"\u003cscript\u003ealert(\\\"xss\\\")\u003c/script\u003e\") \u003e= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** \u003cb\u003eYou searched for:\u003c/b\u003e \u003c%= query %\u003e\u003cbr/\u003e\u003cbr/\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"<script>alert(\\\"xss\\\")</script>\") >= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** <b>You searched for:</b> <%= query %><br/><br/>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10941,7 +10941,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10970,9 +10970,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 614,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11022,7 +11022,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11051,9 +11051,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11103,7 +11103,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11132,9 +11132,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 321,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11184,7 +11184,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11213,9 +11213,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 784,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11265,7 +11265,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11294,9 +11294,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"name\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"comment\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"name\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"comment\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"name\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"comment\") + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"<td>\" + rs.getString(\"name\") + \"</td><td>\" + rs.getString(\"comment\") + \"</td>\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"<td>\" + rs.getString(\"name\") + \"</td><td>\" + rs.getString(\"comment\") + \"</td>\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"<td>\" + rs.getString(\"name\") + \"</td><td>\" + rs.getString(\"comment\") + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11346,7 +11346,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11375,9 +11375,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getInt(\"userid\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"name\") +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"<td>\" + rs.getInt(\"userid\") + \"</td><td>\" + rs.getString(\"name\") +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11427,7 +11427,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11456,9 +11456,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 244,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11508,7 +11508,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11537,9 +11537,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11589,7 +11589,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11618,9 +11618,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") \u003e= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") >= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11670,7 +11670,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11699,9 +11699,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11751,7 +11751,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11780,9 +11780,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \u003ca href=\\\"password.jsp\\\"\u003e\" + username + \"\u003c/a\u003e\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \u003ca href=\\\"password.jsp\\\"\u003e\" + username + \"\u003c/a\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: <a href=\\\"password.jsp\\\">\" + username + \"</a>\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: <a href=\\\"password.jsp\\\">\" + username + \"</a>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11832,7 +11832,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11861,9 +11861,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 89,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11913,7 +11913,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11942,9 +11942,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 10706,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \u003c?xml version=\"1.0\" encoding=\"ISO-8859-1\"?\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** <?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11994,7 +11994,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12023,9 +12023,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 321,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12075,7 +12075,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12104,9 +12104,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12156,7 +12156,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12185,9 +12185,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12237,7 +12237,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12266,9 +12266,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12318,7 +12318,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12347,9 +12347,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12399,7 +12399,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12428,9 +12428,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12480,7 +12480,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12509,9 +12509,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12561,7 +12561,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12590,9 +12590,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12642,7 +12642,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12671,9 +12671,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12723,7 +12723,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12752,9 +12752,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 89,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12804,7 +12804,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12833,9 +12833,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 784,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12885,7 +12885,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12914,9 +12914,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 494,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12966,7 +12966,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12995,9 +12995,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 567,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13047,7 +13047,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13076,9 +13076,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13128,7 +13128,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13157,9 +13157,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13209,7 +13209,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13238,9 +13238,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13290,7 +13290,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13319,9 +13319,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 384,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13371,7 +13371,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13400,9 +13400,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 547,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13452,7 +13452,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13481,9 +13481,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 547,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13533,7 +13533,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13562,9 +13562,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13614,7 +13614,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13643,9 +13643,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13695,7 +13695,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13724,9 +13724,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13776,7 +13776,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13805,9 +13805,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13857,7 +13857,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13886,9 +13886,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13938,7 +13938,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13967,9 +13967,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14019,7 +14019,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14048,9 +14048,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14100,7 +14100,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14129,9 +14129,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 330,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14181,7 +14181,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14210,9 +14210,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \u003cinput type=\"hidden\" id=\"user\" name=\"\u003c%=username%\u003e\" value=\"\"/\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** <input type=\"hidden\" id=\"user\" name=\"<%=username%>\" value=\"\"/>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14262,7 +14262,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14291,9 +14291,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 10706,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14343,7 +14343,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14372,9 +14372,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 614,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14424,7 +14424,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14453,9 +14453,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14505,7 +14505,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14534,9 +14534,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 362,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\u003c/td\u003e\u003c/td\u003e\u003ctd align=\\\"right\\\"\u003e\" + nf.format(price) + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"</td></td><td align=\\\"right\\\">\" + nf.format(price) + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14586,7 +14586,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14615,9 +14615,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14667,7 +14667,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14696,9 +14696,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14748,7 +14748,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14777,9 +14777,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 244,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14829,7 +14829,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14858,9 +14858,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14910,7 +14910,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14939,9 +14939,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14991,7 +14991,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15020,9 +15020,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15072,7 +15072,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15101,9 +15101,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 352,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15153,7 +15153,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15182,9 +15182,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 494,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15234,7 +15234,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15263,9 +15263,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15315,7 +15315,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15344,9 +15344,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 89,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15396,7 +15396,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15425,9 +15425,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 494,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15477,7 +15477,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15506,9 +15506,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 829,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84)\n\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15558,7 +15558,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15587,9 +15587,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15639,7 +15639,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15668,9 +15668,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15720,7 +15720,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15749,9 +15749,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15801,7 +15801,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15830,9 +15830,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 10706,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15882,7 +15882,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15911,9 +15911,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15963,7 +15963,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15992,9 +15992,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 547,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16044,7 +16044,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16073,9 +16073,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 330,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n",
+      "description": "**Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16125,7 +16125,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16154,9 +16154,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 89,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16206,7 +16206,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16235,9 +16235,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16287,7 +16287,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16316,9 +16316,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\u003c/a\u003e\u003c/td\u003e\u003ctd\u003e\" + type + \"\u003c/td\u003e\u003ctd align=\\\"right\\\"\u003e\" + nf.format(price) + \"\u003c/td\u003e\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"</a></td><td>\" + type + \"</td><td align=\\\"right\\\">\" + nf.format(price) + \"</td>\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16368,7 +16368,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16397,9 +16397,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 329,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16449,7 +16449,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16478,9 +16478,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 182,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16530,7 +16530,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16559,9 +16559,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 646,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16611,7 +16611,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16640,9 +16640,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 547,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16692,7 +16692,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16721,9 +16721,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 89,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16773,7 +16773,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16802,9 +16802,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 244,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16854,7 +16854,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16883,9 +16883,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 338,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16935,7 +16935,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16964,9 +16964,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 501,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17016,7 +17016,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17045,9 +17045,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\u003cbr/\u003e\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\u003cbr/\u003e\" + e);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.<br/>\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.<br/>\" + e);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17097,7 +17097,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17126,9 +17126,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 784,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17178,7 +17178,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17207,9 +17207,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17259,7 +17259,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17288,9 +17288,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17340,7 +17340,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17369,9 +17369,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17421,7 +17421,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17450,9 +17450,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 547,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17502,7 +17502,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17531,9 +17531,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 10706,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17583,7 +17583,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17612,9 +17612,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17664,7 +17664,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17693,9 +17693,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 614,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17745,7 +17745,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17774,9 +17774,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17826,7 +17826,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17855,9 +17855,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** \u003ctd\u003e\u003c%=username%\u003e\u003c/td\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** <td><%=username%></td>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17907,7 +17907,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17936,9 +17936,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 547,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17988,7 +17988,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18017,9 +18017,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 547,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18069,7 +18069,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18098,9 +18098,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18150,7 +18150,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18179,9 +18179,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 494,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18231,7 +18231,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18260,9 +18260,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18312,7 +18312,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18341,9 +18341,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 89,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18393,7 +18393,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18422,9 +18422,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18474,7 +18474,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18503,9 +18503,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18555,7 +18555,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18584,9 +18584,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 315,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18636,7 +18636,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18665,9 +18665,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18717,7 +18717,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18746,9 +18746,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 547,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18798,7 +18798,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18827,9 +18827,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getInt(\"userid\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"name\") +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"<td>\" + rs.getInt(\"userid\") + \"</td><td>\" + rs.getString(\"name\") +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18879,7 +18879,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18908,9 +18908,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 494,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18960,7 +18960,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18989,9 +18989,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19041,7 +19041,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19070,9 +19070,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 244,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19122,7 +19122,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19151,9 +19151,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 494,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19203,7 +19203,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19232,9 +19232,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 384,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19284,7 +19284,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19313,9 +19313,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\u003c/TD\u003e\u003cTD\u003e\" + rs.getString(\"PRICE\") + \"\u003c/TD\u003e\u003c/TR\u003e\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\u003c/TD\u003e\u003cTD\u003e\" + rs.getString(\"PRICE\") + \"\u003c/TD\u003e\u003c/TR\u003e\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\u003cTR\u003e\u003cTD\u003e\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\u003cTR\u003e\u003cTD\u003e\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** \u003c%= output %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"</TD><TD>\" + rs.getString(\"PRICE\") + \"</TD></TR>\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"</TD><TD>\" + rs.getString(\"PRICE\") + \"</TD></TR>\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"<TR><TD>\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"<TR><TD>\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** <%= output %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19365,7 +19365,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19394,9 +19394,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19446,7 +19446,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19475,9 +19475,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 547,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19527,7 +19527,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19556,9 +19556,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19608,7 +19608,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19637,9 +19637,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 10706,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19689,7 +19689,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19718,9 +19718,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 494,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19770,7 +19770,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19799,9 +19799,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\u003c/a\u003e\u003c/td\u003e\u003ctd\u003e\" + type + \"\u003c/td\u003e\u003ctd align=\\\"right\\\"\u003e\" + nf.format(price) + \"\u003c/td\u003e\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"</a></td><td>\" + type + \"</td><td align=\\\"right\\\">\" + nf.format(price) + \"</td>\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19851,7 +19851,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19880,9 +19880,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19932,7 +19932,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19961,9 +19961,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20013,7 +20013,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20042,9 +20042,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20094,7 +20094,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20123,9 +20123,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 494,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20175,7 +20175,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20204,9 +20204,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 494,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20256,7 +20256,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20285,9 +20285,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20337,7 +20337,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20366,9 +20366,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 362,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\u003ctd align=\\\"right\\\"\u003e\" + nf.format(pricetopay) + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"<td align=\\\"right\\\">\" + nf.format(pricetopay) + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20418,7 +20418,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20447,9 +20447,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20499,7 +20499,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20528,9 +20528,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20580,7 +20580,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20609,9 +20609,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \u003cinput type=\"hidden\" id=\"user\" name=\"\u003c%=username%\u003e\" value=\"\"/\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** <input type=\"hidden\" id=\"user\" name=\"<%=username%>\" value=\"\"/>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20661,7 +20661,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20690,9 +20690,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 338,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20742,7 +20742,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20771,9 +20771,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20823,7 +20823,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20852,9 +20852,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20904,7 +20904,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20933,9 +20933,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 494,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20985,7 +20985,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21014,9 +21014,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21066,7 +21066,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21095,9 +21095,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 89,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21147,7 +21147,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21176,9 +21176,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 601,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** \u003ca href=\"javascript:window.location=window.location.href\"\u003eNew Search\u003c/a\u003e\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** \u003ca href=\"javascript:window.location=window.location.href\"\u003eNew Search\u003c/a\u003e\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** <a href=\"javascript:window.location=window.location.href\">New Search</a>\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** <a href=\"javascript:window.location=window.location.href\">New Search</a>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21228,7 +21228,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21257,9 +21257,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 547,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21309,7 +21309,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21338,9 +21338,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21390,7 +21390,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21419,9 +21419,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 330,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21471,7 +21471,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21500,9 +21500,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 829,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \u003c?xml version=\"1.0\" encoding=\"ISO-8859-1\"?\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** <?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21552,7 +21552,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21581,9 +21581,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"\u003cscript\u003ealert(\\\"xss\\\")\u003c/script\u003e\") \u003e= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** \u003cb\u003eYou searched for:\u003c/b\u003e \u003c%= query %\u003e\u003cbr/\u003e\u003cbr/\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"<script>alert(\\\"xss\\\")</script>\") >= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** <b>You searched for:</b> <%= query %><br/><br/>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21633,7 +21633,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21662,9 +21662,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 614,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21714,7 +21714,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21743,9 +21743,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21795,7 +21795,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21824,9 +21824,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 321,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21876,7 +21876,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21905,9 +21905,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 784,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21957,7 +21957,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21986,9 +21986,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"name\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"comment\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"name\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"comment\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"name\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"comment\") + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"<td>\" + rs.getString(\"name\") + \"</td><td>\" + rs.getString(\"comment\") + \"</td>\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"<td>\" + rs.getString(\"name\") + \"</td><td>\" + rs.getString(\"comment\") + \"</td>\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"<td>\" + rs.getString(\"name\") + \"</td><td>\" + rs.getString(\"comment\") + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22038,7 +22038,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22067,9 +22067,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getInt(\"userid\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"name\") +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"<td>\" + rs.getInt(\"userid\") + \"</td><td>\" + rs.getString(\"name\") +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22119,7 +22119,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22148,9 +22148,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 244,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22200,7 +22200,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22229,9 +22229,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22281,7 +22281,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22310,9 +22310,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") \u003e= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") >= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22362,7 +22362,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22391,9 +22391,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22443,7 +22443,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22472,9 +22472,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \u003ca href=\\\"password.jsp\\\"\u003e\" + username + \"\u003c/a\u003e\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \u003ca href=\\\"password.jsp\\\"\u003e\" + username + \"\u003c/a\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: <a href=\\\"password.jsp\\\">\" + username + \"</a>\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: <a href=\\\"password.jsp\\\">\" + username + \"</a>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22524,7 +22524,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22553,9 +22553,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 89,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22605,7 +22605,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22634,9 +22634,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 10706,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \u003c?xml version=\"1.0\" encoding=\"ISO-8859-1\"?\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** <?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22686,7 +22686,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22715,9 +22715,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 321,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22767,7 +22767,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22796,9 +22796,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22848,7 +22848,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22877,9 +22877,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22929,7 +22929,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22958,9 +22958,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23010,7 +23010,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23039,9 +23039,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23091,7 +23091,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23120,9 +23120,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23172,7 +23172,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23201,9 +23201,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23253,7 +23253,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23282,9 +23282,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23334,7 +23334,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23363,9 +23363,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23415,7 +23415,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23444,9 +23444,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 89,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23496,7 +23496,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23525,9 +23525,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 784,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23577,7 +23577,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23606,9 +23606,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 494,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23658,7 +23658,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23687,9 +23687,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 567,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23739,7 +23739,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23768,9 +23768,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23820,7 +23820,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23849,9 +23849,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23901,7 +23901,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23930,9 +23930,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23982,7 +23982,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24011,9 +24011,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 384,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24063,7 +24063,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24092,9 +24092,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 547,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24144,7 +24144,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24173,9 +24173,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 547,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24225,7 +24225,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24254,9 +24254,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24306,7 +24306,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24335,9 +24335,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24387,7 +24387,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24416,9 +24416,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24468,7 +24468,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24497,9 +24497,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24549,7 +24549,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24578,9 +24578,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24630,7 +24630,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24659,9 +24659,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24711,7 +24711,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24740,9 +24740,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24792,7 +24792,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24821,9 +24821,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 330,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24873,7 +24873,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24902,9 +24902,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \u003cinput type=\"hidden\" id=\"user\" name=\"\u003c%=username%\u003e\" value=\"\"/\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** <input type=\"hidden\" id=\"user\" name=\"<%=username%>\" value=\"\"/>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24954,7 +24954,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24983,9 +24983,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 10706,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25035,7 +25035,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25064,9 +25064,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 614,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25116,7 +25116,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25145,9 +25145,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25197,7 +25197,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25226,9 +25226,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 362,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\u003c/td\u003e\u003c/td\u003e\u003ctd align=\\\"right\\\"\u003e\" + nf.format(price) + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"</td></td><td align=\\\"right\\\">\" + nf.format(price) + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25278,7 +25278,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25307,9 +25307,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25359,7 +25359,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25388,9 +25388,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25440,7 +25440,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25469,9 +25469,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 244,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25521,7 +25521,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25550,9 +25550,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25602,7 +25602,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25631,9 +25631,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 259,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25683,7 +25683,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25712,9 +25712,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 209,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25764,7 +25764,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25793,9 +25793,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 352,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25845,7 +25845,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25874,9 +25874,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 494,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25926,7 +25926,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25955,9 +25955,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -26007,7 +26007,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26036,9 +26036,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 494,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=288](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=288)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=289](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=289)\n\n**Line Number:** 1\n**Column:** 680\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=288](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=288)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=289](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=289)\n\n**Line Number:** 1\n**Column:** 680\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -26088,7 +26088,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26117,9 +26117,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 285,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=121](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=121)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=122](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=122)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=123](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=123)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=124](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=124)\n\n**Line Number:** 12\n**Column:** 383\n**Source Object:** execute\n**Number:** 12\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_ADMIN'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=121](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=121)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=122](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=122)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=123](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=123)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=124](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=124)\n\n**Line Number:** 12\n**Column:** 383\n**Source Object:** execute\n**Number:** 12\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_ADMIN'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -26169,7 +26169,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26198,9 +26198,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 338,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=14](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=14)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=14](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=14)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -26250,7 +26250,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26279,9 +26279,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 404,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=463](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=463)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=464](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=464)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=465](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=465)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=466](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=466)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=467](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=467)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=468](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=468)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=469](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=469)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=470](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=470)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=471](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=471)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=472](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=472)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=473](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=473)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=474](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=474)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=475](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=475)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=476](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=476)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=477](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=477)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=478](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=478)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=479](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=479)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=480](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=480)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=481](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=481)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=482](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=482)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=483](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=483)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=484](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=484)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=485](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=485)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=486](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=486)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=487](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=487)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=488](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=488)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=489](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=489)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=490](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=490)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=491](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=491)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=492](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=492)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=493](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=493)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=494](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=494)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=495](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=495)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=496](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=496)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=497](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=497)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=498](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=498)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=499](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=499)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=500](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=500)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=501](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=501)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=502](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=502)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=503](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=503)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=504](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=504)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=505](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=505)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=506](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=506)\n\n**Line Number:** 24\n**Column:** 377\n**Source Object:** conn\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 398\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 370\n**Source Object:** stmt\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 27\n**Column:** 353\n**Source Object:** stmt\n**Number:** 27\n**Code:** stmt.setString(1, username);\n-----\n**Line Number:** 28\n**Column:** 353\n**Source Object:** stmt\n**Number:** 28\n**Code:** stmt.setString(2, comments);\n-----\n**Line Number:** 29\n**Column:** 365\n**Source Object:** execute\n**Number:** 29\n**Code:** stmt.execute();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=463](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=463)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=464](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=464)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=465](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=465)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=466](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=466)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=467](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=467)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=468](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=468)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=469](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=469)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=470](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=470)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=471](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=471)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=472](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=472)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=473](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=473)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=474](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=474)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=475](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=475)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=476](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=476)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=477](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=477)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=478](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=478)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=479](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=479)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=480](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=480)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=481](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=481)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=482](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=482)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=483](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=483)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=484](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=484)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=485](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=485)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=486](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=486)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=487](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=487)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=488](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=488)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=489](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=489)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=490](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=490)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=491](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=491)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=492](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=492)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=493](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=493)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=494](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=494)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=495](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=495)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=496](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=496)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=497](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=497)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=498](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=498)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=499](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=499)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=500](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=500)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=501](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=501)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=502](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=502)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=503](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=503)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=504](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=504)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=505](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=505)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=506](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=506)\n\n**Line Number:** 24\n**Column:** 377\n**Source Object:** conn\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 398\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 370\n**Source Object:** stmt\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 27\n**Column:** 353\n**Source Object:** stmt\n**Number:** 27\n**Code:** stmt.setString(1, username);\n-----\n**Line Number:** 28\n**Column:** 353\n**Source Object:** stmt\n**Number:** 28\n**Code:** stmt.setString(2, comments);\n-----\n**Line Number:** 29\n**Column:** 365\n**Source Object:** execute\n**Number:** 29\n**Code:** stmt.execute();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -26331,7 +26331,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2021-03-21",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26360,9 +26360,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 79,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=333](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=333)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=333](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=333)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -26412,7 +26412,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26441,9 +26441,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 330,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=23](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=23)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=23](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=23)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -26493,7 +26493,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2021-02-19",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26522,9 +26522,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 89,
-      "date": "2020-11-21",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=339](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=339)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=339](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=339)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -26574,7 +26574,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-12-21",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26603,7 +26603,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": null,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "asdf",
       "duplicate": false,
@@ -26682,7 +26682,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 1035,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer\n\nStack-based buffer overflow in LexRuby.cxx (SciLexer.dll) in Scintilla 1.73, as used by notepad++ 4.1.1 and earlier, allows user-assisted remote attackers to execute arbitrary code via certain Ruby (.rb) files with long lines.  NOTE: this was originally reported as a vulnerability in notepad++.",
       "duplicate": false,
@@ -26734,7 +26734,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-12-08",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26763,7 +26763,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 1035,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')\n\nThe GUP generic update process in Notepad++ before 4.8.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.",
       "duplicate": false,
@@ -26815,7 +26815,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-12-08",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26844,7 +26844,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\Account\\ViewAccountInfo.aspx.cs\nLine: 22\nCodeLine: ContactName is being repurposed as the foreign key to the user table.  Kludgey, I know.\n",
       "duplicate": false,
@@ -26925,7 +26925,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Medium\nDescription: The application is configured to return .NET debug information. This can provide an attacker with useful information and should not be used in a live application.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\Web.config\nLine: 25\n",
       "duplicate": false,
@@ -26977,7 +26977,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2023-02-06",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -27006,7 +27006,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Standard\nDescription: The URL used in the HTTP request appears to be loaded from a variable. Check the code manually to ensure that malicious URLs cannot be submitted by an attacker.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\PackageTracking.aspx.cs\nLine: 72\nCodeLine:             Response.Redirect(Order.GetPackageTrackingUrl(_carrier, _trackingNumber));\n",
       "duplicate": false,
@@ -27058,7 +27058,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -27087,7 +27087,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\XtremelyEvilWebApp\\StealCookies.aspx.cs\nLine: 19\nCodeLine: TODO: Mail the cookie in real time.\n",
       "duplicate": false,
@@ -27168,7 +27168,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\Infrastructure\\CustomerRepository.cs\nLine: 41\nCodeLine: TODO: Add try/catch logic\n",
       "duplicate": false,
@@ -27249,7 +27249,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\Infrastructure\\ShipperRepository.cs\nLine: 37\nCodeLine: / TODO: Use the check digit algorithms to make it realistic.\n",
       "duplicate": false,
@@ -27330,7 +27330,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Medium\nDescription: The application is configured to return .NET debug information. This can provide an attacker with useful information and should not be used in a live application.\nFileName: C:\\Projects\\WebGoat.Net\\XtremelyEvilWebApp\\Web.config\nLine: 6\n",
       "duplicate": false,
@@ -27382,7 +27382,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2023-02-06",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -27411,7 +27411,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\Product.aspx.cs\nLine: 58\nCodeLine: TODO: Put this in try/catch as well\n",
       "duplicate": false,
@@ -27492,7 +27492,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\Checkout\\Checkout.aspx.cs\nLine: 145\nCodeLine: TODO: Uncommenting this line causes EF to throw exception when creating the order.\n",
       "duplicate": false,
@@ -27573,7 +27573,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\Core\\Order.cs\nLine: 27\nCodeLine: TODO: Shipments and Payments should be singular.  Like customer.\n",
       "duplicate": false,
@@ -27654,7 +27654,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Standard\nDescription: The URL used in the HTTP request appears to be loaded from a variable. Check the code manually to ensure that malicious URLs cannot be submitted by an attacker.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\Account\\Register.aspx.cs\nLine: 35\nCodeLine:             Response.Redirect(continueUrl);\n",
       "duplicate": false,
@@ -27706,7 +27706,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -27735,7 +27735,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\Infrastructure\\BlogResponseRepository.cs\nLine: 18\nCodeLine: TODO: should put this in a try/catch\n",
       "duplicate": false,
@@ -27816,7 +27816,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\Infrastructure\\BlogEntryRepository.cs\nLine: 18\nCodeLine: TODO: should put this in a try/catch\n",
       "duplicate": false,
@@ -27897,7 +27897,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Standard\nDescription: The URL used in the HTTP request appears to be loaded from a variable. Check the code manually to ensure that malicious URLs cannot be submitted by an attacker.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\PackageTracking.aspx.cs\nLine: 25\nCodeLine:                     Response.Redirect(Order.GetPackageTrackingUrl(_carrier, _trackingNumber));\n",
       "duplicate": false,
@@ -27949,7 +27949,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -27978,7 +27978,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\Core\\Cart.cs\nLine: 16\nCodeLine: TODO: Refactor this. Use LINQ with aggregation to get SUM.\n",
       "duplicate": false,
@@ -28059,7 +28059,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\Core\\Cart.cs\nLine: 41\nCodeLine: TODO: Add ability to delete an orderDetail and to change quantities.\n",
       "duplicate": false,
@@ -28140,7 +28140,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\Product.aspx.cs\nLine: 59\nCodeLine: TODO: Feels like this is too much business logic.  Should be moved to OrderDetail constructor?\n",
       "duplicate": false,
@@ -28221,7 +28221,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\Checkout\\Checkout.aspx.cs\nLine: 102\nCodeLine: TODO: Throws an error if we don't set the date. Try to set it to null or something.\n",
       "duplicate": false,
@@ -28302,7 +28302,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/password.jsp\n\nThe page contains a form with the following action URL:\n\n  * http://localhost:8888/bodgeit/password.jsp\n\nThe form contains the following password fields with autocomplete enabled:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe page contains a form with the following action URL:\n\n  * http://localhost:8888/bodgeit/register.jsp\n\nThe form contains the following password fields with autocomplete enabled:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe page contains a form with the following action URL:\n\n  * http://localhost:8888/bodgeit/login.jsp\n\nThe form contains the following password field with autocomplete enabled:\n  * password\n\n\n\n",
       "duplicate": false,
@@ -28354,7 +28354,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -28383,7 +28383,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/logout.jsp\n\n\nURL: http://localhost:8888/\n\n\nURL: http://localhost:8888/bodgeit/search.jsp\n\n\nURL: http://localhost:8888/bodgeit/score.jsp\n\n\nURL: http://localhost:8888/bodgeit/product.jsp\n\n\nURL: http://localhost:8888/bodgeit/password.jsp\n\n\nURL: http://localhost:8888/bodgeit/home.jsp\n\n\nURL: http://localhost:8888/bodgeit/contact.jsp\n\n\nURL: http://localhost:8888/bodgeit/about.jsp\n\n\nURL: http://localhost:8888/bodgeit/admin.jsp\n\n\nURL: http://localhost:8888/bodgeit/advanced.jsp\n\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\n\nURL: http://localhost:8888/bodgeit/\n\n\n",
       "duplicate": false,
@@ -28464,9 +28464,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
-      "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto \u003cscript\u003ealert(1)\u003c/script\u003enwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 \u003cscript\u003ealert(1)\u003c/script\u003ejledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n",
+      "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto <script>alert(1)</script>nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 <script>alert(1)</script>jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": true,
@@ -28491,7 +28491,7 @@
       "line": null,
       "mitigated": null,
       "mitigated_by": null,
-      "mitigation": "\n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including \u003c \u003e \" ' and =, should be replaced with the corresponding HTML entities (\u0026lt; \u0026gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n",
+      "mitigation": "\n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > \" ' and =, should be replaced with the corresponding HTML entities (&lt; &gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n",
       "nb_occurences": null,
       "notes": [],
       "numerical_severity": "S1",
@@ -28516,7 +28516,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-12-08",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -28545,7 +28545,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/\n\n\n",
       "duplicate": false,
@@ -28597,7 +28597,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -28626,7 +28626,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\n\n",
       "duplicate": false,
@@ -28678,7 +28678,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2023-02-06",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -28707,7 +28707,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/score.jsp\n\nThe following email addresses were disclosed in the response:\n\n  * admin@thebodgeitstore.com\n  * test@thebodgeitstore.com\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe following email address was disclosed in the response:\n\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/product.jsp\n\nThe following email address was disclosed in the response:\n\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/about.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/admin.jsp\n\nThe following email addresses were disclosed in the response:\n\n  * admin@thebodgeitstore.com\n  * test@test.com\n  * test@thebodgeitstore.com\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/advanced.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\n",
       "duplicate": false,
@@ -28788,7 +28788,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/login.jsp\n\nThe request appears to be vulnerable to cross-site request forgery (CSRF) attacks against unauthenticated functionality. This is unlikely to constitute a security vulnerability in its own right, however it may facilitate exploitation of other vulnerabilities affecting application users.\n\n",
       "duplicate": false,
@@ -28869,7 +28869,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/register.jsp\n\nThe **username** parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the username parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe **username** parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the username parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe **password** parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the password parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\nThe **b_id** cookie appears to be vulnerable to SQL injection attacks. The payload **'** was submitted in the b_id cookie, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.  \n  \nThe database appears to be Microsoft SQL Server.\n\n",
       "duplicate": false,
@@ -28921,7 +28921,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-12-08",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -28950,7 +28950,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/logout.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/score.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/product.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/password.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/home.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/contact.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/admin.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/advanced.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/about.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\n",
       "duplicate": false,
@@ -28977,7 +28977,7 @@
       "line": null,
       "mitigated": null,
       "mitigated_by": null,
-      "mitigation": "\n\nThe root cause of the vulnerability can be resolved by not using path-relative URLs in style sheet imports. Aside from this, attacks can also be prevented by implementing all of the following defensive measures: \n\n  * Setting the HTTP response header \"X-Frame-Options: deny\" in all responses. One method that an attacker can use to make a page render in quirks mode is to frame it within their own page that is rendered in quirks mode. Setting this header prevents the page from being framed.\n  * Setting a modern doctype (e.g. \"\u003c!doctype html\u003e\") in all HTML responses. This prevents the page from being rendered in quirks mode (unless it is being framed, as described above).\n  * Setting the HTTP response header \"X-Content-Type-Options: no sniff\" in all responses. This prevents the browser from processing a non-CSS response as CSS, even if another page loads the response via a style sheet import.\n\n\n",
+      "mitigation": "\n\nThe root cause of the vulnerability can be resolved by not using path-relative URLs in style sheet imports. Aside from this, attacks can also be prevented by implementing all of the following defensive measures: \n\n  * Setting the HTTP response header \"X-Frame-Options: deny\" in all responses. One method that an attacker can use to make a page render in quirks mode is to frame it within their own page that is rendered in quirks mode. Setting this header prevents the page from being framed.\n  * Setting a modern doctype (e.g. \"<!doctype html>\") in all HTML responses. This prevents the page from being rendered in quirks mode (unless it is being framed, as described above).\n  * Setting the HTTP response header \"X-Content-Type-Options: no sniff\" in all responses. This prevents the browser from processing a non-CSS response as CSS, even if another page loads the response via a style sheet import.\n\n\n",
       "nb_occurences": null,
       "notes": [],
       "numerical_severity": "S4",
@@ -29031,7 +29031,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/password.jsp\n\nThe page contains a form with the following action URL, which is submitted over clear-text HTTP:\n\n  * http://localhost:8888/bodgeit/password.jsp\n\nThe form contains the following password fields:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe page contains a form with the following action URL, which is submitted over clear-text HTTP:\n\n  * http://localhost:8888/bodgeit/register.jsp\n\nThe form contains the following password fields:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe page contains a form with the following action URL, which is submitted over clear-text HTTP:\n\n  * http://localhost:8888/bodgeit/login.jsp\n\nThe form contains the following password field:\n  * password\n\n\n\n",
       "duplicate": false,
@@ -29083,7 +29083,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-12-08",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -29112,7 +29112,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/xss/xss.go\nLine number: 59\nIssue Confidence: LOW\n\nCode:\ntemplate.HTML(notFound)\n",
       "duplicate": false,
@@ -29164,7 +29164,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2023-02-06",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -29193,7 +29193,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/xss/xss.go\nLine number: 58\nIssue Confidence: LOW\n\nCode:\ntemplate.HTML(value)\n",
       "duplicate": false,
@@ -29245,7 +29245,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2023-02-06",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -29274,7 +29274,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/idor/idor.go\nLine number: 165\nIssue Confidence: HIGH\n\nCode:\nhasher.Write([]byte(text))\n",
       "duplicate": false,
@@ -29326,7 +29326,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -29355,7 +29355,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/idor/idor.go\nLine number: 82\nIssue Confidence: HIGH\n\nCode:\np.GetData(sid)\n",
       "duplicate": false,
@@ -29407,7 +29407,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -29436,7 +29436,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/sqli/function.go\nLine number: 36-39\nIssue Confidence: HIGH\n\nCode:\nfmt.Sprintf(`SELECT p.user_id, p.full_name, p.city, p.phone_number \n\t\t\t\t\t\t\t\tFROM Profile as p,Users as u \n\t\t\t\t\t\t\t\twhere p.user_id = u.id \n\t\t\t\t\t\t\t\tand u.id=%s`,uid)\n",
       "duplicate": false,
@@ -29455,7 +29455,7 @@
       "impact": "",
       "inherited_tags": [],
       "is_mitigated": false,
-      "last_reviewed": "2022-11-10T07:07:19Z",
+      "last_reviewed": "2025-11-06T23:46:52Z",
       "last_reviewed_by": [
         "admin"
       ],
@@ -29488,7 +29488,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2023-02-06",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -29517,7 +29517,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/user/user.go\nLine number: 8\nIssue Confidence: HIGH\n\nCode:\n\"crypto/md5\"\n",
       "duplicate": false,
@@ -29569,7 +29569,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2023-02-06",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -29598,7 +29598,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/idor/idor.go\nLine number: 124\nIssue Confidence: HIGH\n\nCode:\np.GetData(sid)\n",
       "duplicate": false,
@@ -29650,7 +29650,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -29679,7 +29679,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/csa/csa.go\nLine number: 63\nIssue Confidence: HIGH\n\nCode:\nhasher.Write([]byte(text))\n",
       "duplicate": false,
@@ -29731,7 +29731,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -29760,7 +29760,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/idor/idor.go\nLine number: 164\nIssue Confidence: HIGH\n\nCode:\nmd5.New()\n",
       "duplicate": false,
@@ -29812,7 +29812,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2023-02-06",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -29841,7 +29841,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/user/user.go\nLine number: 160\nIssue Confidence: HIGH\n\nCode:\nmd5.New()\n",
       "duplicate": false,
@@ -29893,7 +29893,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2023-02-06",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -29922,7 +29922,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/util/template.go\nLine number: 35\nIssue Confidence: HIGH\n\nCode:\nw.Write(b)\n",
       "duplicate": false,
@@ -29974,7 +29974,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -30003,7 +30003,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/util/middleware/middleware.go\nLine number: 70\nIssue Confidence: HIGH\n\nCode:\nsqlmapDetected, _ := regexp.MatchString(\"sqlmap*\", userAgent)\n",
       "duplicate": false,
@@ -30055,7 +30055,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -30084,7 +30084,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/util/middleware/middleware.go\nLine number: 73\nIssue Confidence: HIGH\n\nCode:\nw.Write([]byte(\"Forbidden\"))\n",
       "duplicate": false,
@@ -30136,7 +30136,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -30165,7 +30165,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/app.go\nLine number: 79\nIssue Confidence: HIGH\n\nCode:\ns.ListenAndServe()\n",
       "duplicate": false,
@@ -30217,7 +30217,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -30246,7 +30246,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/xss/xss.go\nLine number: 62\nIssue Confidence: LOW\n\nCode:\ntemplate.HTML(value)\n",
       "duplicate": false,
@@ -30298,7 +30298,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2023-02-06",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -30327,7 +30327,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/xss/xss.go\nLine number: 63\nIssue Confidence: LOW\n\nCode:\ntemplate.HTML(vuln)\n",
       "duplicate": false,
@@ -30379,7 +30379,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2023-02-06",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -30408,9 +30408,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
-      "description": "Filename: /vagrant/go/src/govwa/setting/setting.go\nLine number: 66\nIssue Confidence: HIGH\n\nCode:\n_ = db.QueryRow(sql).Scan(\u0026version)\n",
+      "description": "Filename: /vagrant/go/src/govwa/setting/setting.go\nLine number: 66\nIssue Confidence: HIGH\n\nCode:\n_ = db.QueryRow(sql).Scan(&version)\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -30460,7 +30460,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -30489,7 +30489,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/setting/setting.go\nLine number: 64\nIssue Confidence: HIGH\n\nCode:\ndb,_ := database.Connect()\n",
       "duplicate": false,
@@ -30541,7 +30541,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -30570,7 +30570,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/csa/csa.go\nLine number: 62\nIssue Confidence: HIGH\n\nCode:\nmd5.New()\n",
       "duplicate": false,
@@ -30622,7 +30622,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2023-02-06",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -30651,7 +30651,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/csa/csa.go\nLine number: 7\nIssue Confidence: HIGH\n\nCode:\n\"crypto/md5\"\n",
       "duplicate": false,
@@ -30703,7 +30703,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2023-02-06",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -30732,7 +30732,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/idor/idor.go\nLine number: 8\nIssue Confidence: HIGH\n\nCode:\n\"crypto/md5\"\n",
       "duplicate": false,
@@ -30784,7 +30784,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2023-02-06",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -30813,7 +30813,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/util/cookie.go\nLine number: 42\nIssue Confidence: HIGH\n\nCode:\ncookie, _ := r.Cookie(name)\n",
       "duplicate": false,
@@ -30865,7 +30865,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -30894,7 +30894,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/idor/idor.go\nLine number: 42\nIssue Confidence: HIGH\n\nCode:\np.GetData(sid)\n",
       "duplicate": false,
@@ -30946,7 +30946,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -30975,7 +30975,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/xss/xss.go\nLine number: 100\nIssue Confidence: LOW\n\nCode:\ntemplate.HTML(inlineJS)\n",
       "duplicate": false,
@@ -31027,7 +31027,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2023-02-06",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -31056,7 +31056,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/idor/idor.go\nLine number: 61\nIssue Confidence: HIGH\n\nCode:\np.GetData(sid)\n",
       "duplicate": false,
@@ -31108,7 +31108,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -31137,7 +31137,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/user/user.go\nLine number: 161\nIssue Confidence: HIGH\n\nCode:\nhasher.Write([]byte(text))\n",
       "duplicate": false,
@@ -31189,7 +31189,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -31218,7 +31218,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/util/template.go\nLine number: 41\nIssue Confidence: HIGH\n\nCode:\ntemplate.ExecuteTemplate(w, name, data)\n",
       "duplicate": false,
@@ -31270,7 +31270,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -31299,7 +31299,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/util/template.go\nLine number: 45\nIssue Confidence: LOW\n\nCode:\ntemplate.HTML(text)\n",
       "duplicate": false,
@@ -31351,7 +31351,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2023-02-06",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -31380,7 +31380,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/password.jsp\n\nThe page contains a form with the following action URL:\n\n  * http://localhost:8888/bodgeit/password.jsp\n\nThe form contains the following password fields with autocomplete enabled:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe page contains a form with the following action URL:\n\n  * http://localhost:8888/bodgeit/register.jsp\n\nThe form contains the following password fields with autocomplete enabled:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe page contains a form with the following action URL:\n\n  * http://localhost:8888/bodgeit/login.jsp\n\nThe form contains the following password field with autocomplete enabled:\n  * password\n\n\n\n",
       "duplicate": false,
@@ -31432,7 +31432,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -31461,7 +31461,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/logout.jsp\n\n\nURL: http://localhost:8888/\n\n\nURL: http://localhost:8888/bodgeit/search.jsp\n\n\nURL: http://localhost:8888/bodgeit/score.jsp\n\n\nURL: http://localhost:8888/bodgeit/product.jsp\n\n\nURL: http://localhost:8888/bodgeit/password.jsp\n\n\nURL: http://localhost:8888/bodgeit/home.jsp\n\n\nURL: http://localhost:8888/bodgeit/contact.jsp\n\n\nURL: http://localhost:8888/bodgeit/about.jsp\n\n\nURL: http://localhost:8888/bodgeit/admin.jsp\n\n\nURL: http://localhost:8888/bodgeit/advanced.jsp\n\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\n\nURL: http://localhost:8888/bodgeit/\n\n\n",
       "duplicate": false,
@@ -31542,9 +31542,9 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
-      "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto \u003cscript\u003ealert(1)\u003c/script\u003enwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 \u003cscript\u003ealert(1)\u003c/script\u003ejledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n",
+      "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto <script>alert(1)</script>nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 <script>alert(1)</script>jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": true,
@@ -31569,7 +31569,7 @@
       "line": null,
       "mitigated": null,
       "mitigated_by": null,
-      "mitigation": "\n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including \u003c \u003e \" ' and =, should be replaced with the corresponding HTML entities (\u0026lt; \u0026gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n",
+      "mitigation": "\n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > \" ' and =, should be replaced with the corresponding HTML entities (&lt; &gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n",
       "nb_occurences": null,
       "notes": [],
       "numerical_severity": "S1",
@@ -31594,7 +31594,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-12-08",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -31623,7 +31623,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/\n\n\n",
       "duplicate": false,
@@ -31675,7 +31675,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2023-03-08",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -31704,7 +31704,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\n\n",
       "duplicate": false,
@@ -31756,7 +31756,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2023-02-06",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -31785,7 +31785,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/score.jsp\n\nThe following email addresses were disclosed in the response:\n\n  * admin@thebodgeitstore.com\n  * test@thebodgeitstore.com\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe following email address was disclosed in the response:\n\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/product.jsp\n\nThe following email address was disclosed in the response:\n\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/about.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/admin.jsp\n\nThe following email addresses were disclosed in the response:\n\n  * admin@thebodgeitstore.com\n  * test@test.com\n  * test@thebodgeitstore.com\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/advanced.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\n",
       "duplicate": false,
@@ -31866,7 +31866,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/login.jsp\n\nThe request appears to be vulnerable to cross-site request forgery (CSRF) attacks against unauthenticated functionality. This is unlikely to constitute a security vulnerability in its own right, however it may facilitate exploitation of other vulnerabilities affecting application users.\n\n",
       "duplicate": false,
@@ -31947,7 +31947,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/register.jsp\n\nThe **username** parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the username parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe **username** parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the username parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe **password** parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the password parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\nThe **b_id** cookie appears to be vulnerable to SQL injection attacks. The payload **'** was submitted in the b_id cookie, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.  \n  \nThe database appears to be Microsoft SQL Server.\n\n",
       "duplicate": false,
@@ -31999,7 +31999,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-12-08",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -32028,7 +32028,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/logout.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/score.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/product.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/password.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/home.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/contact.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/admin.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/advanced.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/about.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\n",
       "duplicate": false,
@@ -32055,7 +32055,7 @@
       "line": null,
       "mitigated": null,
       "mitigated_by": null,
-      "mitigation": "\n\nThe root cause of the vulnerability can be resolved by not using path-relative URLs in style sheet imports. Aside from this, attacks can also be prevented by implementing all of the following defensive measures: \n\n  * Setting the HTTP response header \"X-Frame-Options: deny\" in all responses. One method that an attacker can use to make a page render in quirks mode is to frame it within their own page that is rendered in quirks mode. Setting this header prevents the page from being framed.\n  * Setting a modern doctype (e.g. \"\u003c!doctype html\u003e\") in all HTML responses. This prevents the page from being rendered in quirks mode (unless it is being framed, as described above).\n  * Setting the HTTP response header \"X-Content-Type-Options: no sniff\" in all responses. This prevents the browser from processing a non-CSS response as CSS, even if another page loads the response via a style sheet import.\n\n\n",
+      "mitigation": "\n\nThe root cause of the vulnerability can be resolved by not using path-relative URLs in style sheet imports. Aside from this, attacks can also be prevented by implementing all of the following defensive measures: \n\n  * Setting the HTTP response header \"X-Frame-Options: deny\" in all responses. One method that an attacker can use to make a page render in quirks mode is to frame it within their own page that is rendered in quirks mode. Setting this header prevents the page from being framed.\n  * Setting a modern doctype (e.g. \"<!doctype html>\") in all HTML responses. This prevents the page from being rendered in quirks mode (unless it is being framed, as described above).\n  * Setting the HTTP response header \"X-Content-Type-Options: no sniff\" in all responses. This prevents the browser from processing a non-CSS response as CSS, even if another page loads the response via a style sheet import.\n\n\n",
       "nb_occurences": null,
       "notes": [],
       "numerical_severity": "S4",
@@ -32109,7 +32109,7 @@
       "cvssv3": null,
       "cvssv3_score": null,
       "cwe": 0,
-      "date": "2022-11-08",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/password.jsp\n\nThe page contains a form with the following action URL, which is submitted over clear-text HTTP:\n\n  * http://localhost:8888/bodgeit/password.jsp\n\nThe form contains the following password fields:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe page contains a form with the following action URL, which is submitted over clear-text HTTP:\n\n  * http://localhost:8888/bodgeit/register.jsp\n\nThe form contains the following password fields:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe page contains a form with the following action URL, which is submitted over clear-text HTTP:\n\n  * http://localhost:8888/bodgeit/login.jsp\n\nThe form contains the following password field:\n  * password\n\n\n\n",
       "duplicate": false,
@@ -32161,7 +32161,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-12-08",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -32182,7 +32182,7 @@
   },
   {
     "fields": {
-      "date": "2022-03-14",
+      "date": "2025-03-10",
       "description": "test stub finding",
       "reporter": [
         "admin"
@@ -32196,7 +32196,7 @@
   },
   {
     "fields": {
-      "date": "2022-03-14",
+      "date": "2025-03-10",
       "description": "test stub finding",
       "reporter": [
         "admin"
@@ -32210,7 +32210,7 @@
   },
   {
     "fields": {
-      "date": "2022-03-14",
+      "date": "2025-03-10",
       "description": "test stub finding",
       "reporter": [
         "admin"
@@ -42170,8 +42170,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T19:31:16Z",
-      "modified": "2019-06-22T19:31:16Z",
+      "created": "2022-06-19T12:10:49Z",
+      "modified": "2022-06-19T12:10:49Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42185,8 +42185,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T19:31:30Z",
-      "modified": "2019-06-22T19:31:30Z",
+      "created": "2022-06-19T12:11:03Z",
+      "modified": "2022-06-19T12:11:03Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42200,8 +42200,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T19:31:45Z",
-      "modified": "2019-06-22T19:31:45Z",
+      "created": "2022-06-19T12:11:18Z",
+      "modified": "2022-06-19T12:11:18Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42215,8 +42215,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T19:52:57Z",
-      "modified": "2019-06-22T19:52:57Z",
+      "created": "2022-06-19T12:32:30Z",
+      "modified": "2022-06-19T12:32:30Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42230,8 +42230,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T19:53:37Z",
-      "modified": "2019-06-22T19:53:37Z",
+      "created": "2022-06-19T12:33:10Z",
+      "modified": "2022-06-19T12:33:10Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42245,8 +42245,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T19:54:20Z",
-      "modified": "2019-06-22T19:54:20Z",
+      "created": "2022-06-19T12:33:53Z",
+      "modified": "2022-06-19T12:33:53Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42260,8 +42260,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T19:54:34Z",
-      "modified": "2019-06-22T19:54:34Z",
+      "created": "2022-06-19T12:34:07Z",
+      "modified": "2022-06-19T12:34:07Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42275,8 +42275,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T19:54:48Z",
-      "modified": "2019-06-22T19:54:48Z",
+      "created": "2022-06-19T12:34:21Z",
+      "modified": "2022-06-19T12:34:21Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42290,8 +42290,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T19:55:00Z",
-      "modified": "2019-06-22T19:55:00Z",
+      "created": "2022-06-19T12:34:33Z",
+      "modified": "2022-06-19T12:34:33Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42305,8 +42305,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T19:55:20Z",
-      "modified": "2019-06-22T19:55:20Z",
+      "created": "2022-06-19T12:34:53Z",
+      "modified": "2022-06-19T12:34:53Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42320,8 +42320,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T19:56:24Z",
-      "modified": "2019-06-22T19:56:24Z",
+      "created": "2022-06-19T12:35:57Z",
+      "modified": "2022-06-19T12:35:57Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42335,8 +42335,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T19:57:22Z",
-      "modified": "2019-06-22T19:57:22Z",
+      "created": "2022-06-19T12:36:55Z",
+      "modified": "2022-06-19T12:36:55Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42350,8 +42350,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T19:57:34Z",
-      "modified": "2019-06-22T19:57:34Z",
+      "created": "2022-06-19T12:37:07Z",
+      "modified": "2022-06-19T12:37:07Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42365,8 +42365,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T19:57:55Z",
-      "modified": "2019-06-22T19:57:55Z",
+      "created": "2022-06-19T12:37:28Z",
+      "modified": "2022-06-19T12:37:28Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42380,8 +42380,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T19:58:36Z",
-      "modified": "2019-06-22T19:58:36Z",
+      "created": "2022-06-19T12:38:09Z",
+      "modified": "2022-06-19T12:38:09Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42395,8 +42395,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:00:35Z",
-      "modified": "2019-06-22T20:00:35Z",
+      "created": "2022-06-19T12:40:08Z",
+      "modified": "2022-06-19T12:40:08Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42410,8 +42410,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:00:46Z",
-      "modified": "2019-06-22T20:00:46Z",
+      "created": "2022-06-19T12:40:19Z",
+      "modified": "2022-06-19T12:40:19Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42425,8 +42425,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:00:58Z",
-      "modified": "2019-06-22T20:00:58Z",
+      "created": "2022-06-19T12:40:31Z",
+      "modified": "2022-06-19T12:40:31Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42440,8 +42440,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:02:18Z",
-      "modified": "2019-06-22T20:02:18Z",
+      "created": "2022-06-19T12:41:51Z",
+      "modified": "2022-06-19T12:41:51Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42455,8 +42455,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:02:32Z",
-      "modified": "2019-06-22T20:02:32Z",
+      "created": "2022-06-19T12:42:05Z",
+      "modified": "2022-06-19T12:42:05Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42470,23 +42470,23 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:02:46Z",
-      "modified": "2019-06-22T20:02:46Z",
+      "created": "2022-06-19T12:42:19Z",
+      "modified": "2022-06-19T12:42:19Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
         "dojo",
         "benchmark_category"
       ],
-      "text": "When does information cross a privacy boundary within your application flow? For instance public cloud -\u003e private cloud, public internet -\u003e public cloud, etc."
+      "text": "When does information cross a privacy boundary within your application flow? For instance public cloud -> private cloud, public internet -> public cloud, etc."
     },
     "model": "dojo.question",
     "pk": 23
   },
   {
     "fields": {
-      "created": "2019-06-22T20:02:57Z",
-      "modified": "2019-06-22T20:02:57Z",
+      "created": "2022-06-19T12:42:30Z",
+      "modified": "2022-06-19T12:42:30Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42500,8 +42500,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:04:46Z",
-      "modified": "2019-06-22T20:04:46Z",
+      "created": "2022-06-19T12:44:19Z",
+      "modified": "2022-06-19T12:44:19Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42515,8 +42515,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:05:10Z",
-      "modified": "2019-06-22T20:05:10Z",
+      "created": "2022-06-19T12:44:43Z",
+      "modified": "2022-06-19T12:44:43Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42530,8 +42530,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:05:22Z",
-      "modified": "2019-06-22T20:05:22Z",
+      "created": "2022-06-19T12:44:55Z",
+      "modified": "2022-06-19T12:44:55Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42545,8 +42545,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:05:32Z",
-      "modified": "2019-06-22T20:05:32Z",
+      "created": "2022-06-19T12:45:05Z",
+      "modified": "2022-06-19T12:45:05Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42560,8 +42560,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:05:43Z",
-      "modified": "2019-06-22T20:05:43Z",
+      "created": "2022-06-19T12:45:16Z",
+      "modified": "2022-06-19T12:45:16Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42575,8 +42575,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:05:57Z",
-      "modified": "2019-06-22T20:05:57Z",
+      "created": "2022-06-19T12:45:30Z",
+      "modified": "2022-06-19T12:45:30Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42590,8 +42590,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:06:15Z",
-      "modified": "2019-06-22T20:06:15Z",
+      "created": "2022-06-19T12:45:48Z",
+      "modified": "2022-06-19T12:45:48Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42605,8 +42605,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:08:08Z",
-      "modified": "2019-06-22T20:08:08Z",
+      "created": "2022-06-19T12:47:41Z",
+      "modified": "2022-06-19T12:47:41Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42620,8 +42620,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:08:19Z",
-      "modified": "2019-06-22T20:08:19Z",
+      "created": "2022-06-19T12:47:52Z",
+      "modified": "2022-06-19T12:47:52Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42635,8 +42635,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:08:30Z",
-      "modified": "2019-06-22T20:08:30Z",
+      "created": "2022-06-19T12:48:03Z",
+      "modified": "2022-06-19T12:48:03Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42650,8 +42650,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:08:43Z",
-      "modified": "2019-06-22T20:08:43Z",
+      "created": "2022-06-19T12:48:16Z",
+      "modified": "2022-06-19T12:48:16Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42665,8 +42665,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:08:54Z",
-      "modified": "2019-06-22T20:08:54Z",
+      "created": "2022-06-19T12:48:27Z",
+      "modified": "2022-06-19T12:48:27Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42680,8 +42680,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:10:15Z",
-      "modified": "2019-06-22T20:10:15Z",
+      "created": "2022-06-19T12:49:48Z",
+      "modified": "2022-06-19T12:49:48Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42695,8 +42695,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:10:30Z",
-      "modified": "2019-06-22T20:10:30Z",
+      "created": "2022-06-19T12:50:03Z",
+      "modified": "2022-06-19T12:50:03Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42710,8 +42710,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:10:42Z",
-      "modified": "2019-06-22T20:10:42Z",
+      "created": "2022-06-19T12:50:15Z",
+      "modified": "2022-06-19T12:50:15Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42725,8 +42725,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:10:52Z",
-      "modified": "2019-06-22T20:10:52Z",
+      "created": "2022-06-19T12:50:25Z",
+      "modified": "2022-06-19T12:50:25Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42740,8 +42740,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:11:04Z",
-      "modified": "2019-06-22T20:11:04Z",
+      "created": "2022-06-19T12:50:37Z",
+      "modified": "2022-06-19T12:50:37Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42755,8 +42755,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:11:17Z",
-      "modified": "2019-06-22T20:11:17Z",
+      "created": "2022-06-19T12:50:50Z",
+      "modified": "2022-06-19T12:50:50Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -42770,8 +42770,8 @@
   },
   {
     "fields": {
-      "created": "2019-06-22T20:11:30Z",
-      "modified": "2019-06-22T20:11:30Z",
+      "created": "2022-06-19T12:51:03Z",
+      "modified": "2022-06-19T12:51:03Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -43863,7 +43863,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (register.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S1 None None None None None c49c87192b6b4f17151a471fd9d1bf3b302bca08781d67806c6556fe720af1b0 /root/register.jsp",
+      "content": "SQL Injection (register.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S1 None None None None None c49c87192b6b4f17151a471fd9d1bf3b302bca08781d67806c6556fe720af1b0 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -43881,7 +43881,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298)\n\n N/A N/A None None  S2 None None None None None a9c3269038ed8a49c4e7576b359f61a65a3bd82c163089bc20743e5a14aa0ab5 /root/login.jsp",
+      "content": "Download of Code Without Integrity Check (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298)\n\n N/A N/A None None  S2 None None None None None a9c3269038ed8a49c4e7576b359f61a65a3bd82c163089bc20743e5a14aa0ab5 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -43899,7 +43899,7 @@
   },
   {
     "fields": {
-      "content": "Missing X Frame Options (web.xml) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84)\n\n N/A N/A None None  S3 None None None None None 418f79f7a59a306d5e46aa4af1924b64200aed234ae994dcd66485eb30bbe869 /root/WEB-INF/web.xml",
+      "content": "Missing X Frame Options (web.xml) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84)\n\n N/A N/A None None  S3 None None None None None 418f79f7a59a306d5e46aa4af1924b64200aed234ae994dcd66485eb30bbe869 /root/WEB-INF/web.xml",
       "content_type": [
         "dojo",
         "test_import"
@@ -43917,7 +43917,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (AdvancedSearch.java) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n N/A N/A None None  S3 None None None None None 21c80d580d9f1de55f6179e2a08e5684f46c9734d79cf701b2ff25e6776ccdfc /src/com/thebodgeitstore/search/AdvancedSearch.java",
+      "content": "Information Exposure Through an Error Message (AdvancedSearch.java) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n N/A N/A None None  S3 None None None None None 21c80d580d9f1de55f6179e2a08e5684f46c9734d79cf701b2ff25e6776ccdfc /src/com/thebodgeitstore/search/AdvancedSearch.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -43935,7 +43935,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (home.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None fffd29bd0973269ddbbed2e210926c04d42cb12037117261626b95bd52bcff27 /root/home.jsp",
+      "content": "Improper Resource Shutdown or Release (home.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None fffd29bd0973269ddbbed2e210926c04d42cb12037117261626b95bd52bcff27 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -43953,7 +43953,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (basket.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S1 None None None None None 3406086ac5988ee8b55f70c618daf86c21702bb3c4c00e4607e5c21c2e3d3828 /root/basket.jsp",
+      "content": "Reflected XSS All Clients (basket.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S1 None None None None None 3406086ac5988ee8b55f70c618daf86c21702bb3c4c00e4607e5c21c2e3d3828 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -43971,7 +43971,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 24e74e8be8b222cf0b17c034d03c5b43a130c2b960095eb44c55f470e50f6924 /root/register.jsp",
+      "content": "HttpOnlyCookies (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 24e74e8be8b222cf0b17c034d03c5b43a130c2b960095eb44c55f470e50f6924 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -43989,7 +43989,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None None None None a91b30b026cda759c2608e1c8216cdd13e265c030b8c47f4690cd2182e4ad166 /root/register.jsp",
+      "content": "CGI Reflected XSS All Clients (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None None None None a91b30b026cda759c2608e1c8216cdd13e265c030b8c47f4690cd2182e4ad166 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44007,7 +44007,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None bfd9b74841c8d988d57c99353742f1e3180934ca6be2149a3fb7377329b57b33 /root/product.jsp",
+      "content": "Hardcoded password in Connection String (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None bfd9b74841c8d988d57c99353742f1e3180934ca6be2149a3fb7377329b57b33 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44025,7 +44025,7 @@
   },
   {
     "fields": {
-      "content": "Client Insecure Randomness (encryption.js) N/A Low **Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n N/A N/A None None  S3 None None None None None 9b003338465e31c37f36b2a2d9b01bf9003d1d2631e2c409b3d19d02c93a20b6 /root/js/encryption.js",
+      "content": "Client Insecure Randomness (encryption.js) N/A Low **Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n N/A N/A None None  S3 None None None None None 9b003338465e31c37f36b2a2d9b01bf9003d1d2631e2c409b3d19d02c93a20b6 /root/js/encryption.js",
       "content_type": [
         "dojo",
         "test_import"
@@ -44043,7 +44043,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (password.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S1 None None None None None 684ee38b55ea509e6c2be4a58ec52ba5d7e0c1952e09f8c8ca2bf0675650bd8f /root/password.jsp",
+      "content": "SQL Injection (password.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S1 None None None None None 684ee38b55ea509e6c2be4a58ec52ba5d7e0c1952e09f8c8ca2bf0675650bd8f /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44061,7 +44061,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (basket.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S1 None None None None None 99fb15b31049df2445ac3fd8729cbccbc6a19e4e410c3eb0ef95908c00b78fd7 /root/basket.jsp",
+      "content": "Stored XSS (basket.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S1 None None None None None 99fb15b31049df2445ac3fd8729cbccbc6a19e4e410c3eb0ef95908c00b78fd7 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44079,7 +44079,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None None None None 541eb71776b2d297f9aa790c52297b4f7d26acb0bce7de33bda136fdefe43cb7 /root/home.jsp",
+      "content": "CGI Stored XSS (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None None None None 541eb71776b2d297f9aa790c52297b4f7d26acb0bce7de33bda136fdefe43cb7 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44097,7 +44097,7 @@
   },
   {
     "fields": {
-      "content": "Not Using a Random IV with CBC Mode (AES.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n N/A N/A None None  S3 None None None None None e5ac755dbe3bfd23995c8d5a99779d188440c9e573d79b44130d90468d41439c /src/com/thebodgeitstore/util/AES.java",
+      "content": "Not Using a Random IV with CBC Mode (AES.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n N/A N/A None None  S3 None None None None None e5ac755dbe3bfd23995c8d5a99779d188440c9e573d79b44130d90468d41439c /src/com/thebodgeitstore/util/AES.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -44115,7 +44115,7 @@
   },
   {
     "fields": {
-      "content": "Collapse of Data into Unsafe Value (contact.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "Collapse of Data into Unsafe Value (contact.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "test_import"
@@ -44133,7 +44133,7 @@
   },
   {
     "fields": {
-      "content": "Stored Boundary Violation (login.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S3 None None None None None b0de3516ab323f5577e6ad94803e2ddf541214bbae868bf34e828ba3a4d966ca /root/login.jsp",
+      "content": "Stored Boundary Violation (login.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S3 None None None None None b0de3516ab323f5577e6ad94803e2ddf541214bbae868bf34e828ba3a4d966ca /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44151,7 +44151,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 13ceb3acfb49f194493bfb0af44f5f886a9767aa1c6990c8a397af756d97209c /root/home.jsp",
+      "content": "Hardcoded password in Connection String (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 13ceb3acfb49f194493bfb0af44f5f886a9767aa1c6990c8a397af756d97209c /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44169,7 +44169,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (password.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None None None None 8d7b5f3962f521cd5c2dc40e4ef9a7cc10cfc30efb90f4b5841e8e5463656c61 /root/password.jsp",
+      "content": "Blind SQL Injections (password.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None None None None 8d7b5f3962f521cd5c2dc40e4ef9a7cc10cfc30efb90f4b5841e8e5463656c61 /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44187,7 +44187,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (password.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None None None None 2237f06cb695ec1da91d51cab9fb037d8a9e84f1aa9ddbfeef59eef1a65af47e /root/password.jsp",
+      "content": "Heap Inspection (password.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None None None None 2237f06cb695ec1da91d51cab9fb037d8a9e84f1aa9ddbfeef59eef1a65af47e /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44205,7 +44205,7 @@
   },
   {
     "fields": {
-      "content": "Use of Cryptographically Weak PRNG (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None None None None 05880cd0576bed75819cae74abce873fdcce5f857ec95d937a458b0ca0a49195 /root/home.jsp",
+      "content": "Use of Cryptographically Weak PRNG (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None None None None 05880cd0576bed75819cae74abce873fdcce5f857ec95d937a458b0ca0a49195 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44223,7 +44223,7 @@
   },
   {
     "fields": {
-      "content": "Trust Boundary Violation (login.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S2 None None None None None 9ec4ce27f48767b96297ef3cb8eabba1814ea08a02801692a669540c5a7ce019 /root/login.jsp",
+      "content": "Trust Boundary Violation (login.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S2 None None None None None 9ec4ce27f48767b96297ef3cb8eabba1814ea08a02801692a669540c5a7ce019 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44241,7 +44241,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (admin.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n N/A N/A None None  S3 None None None None None fc95b0887dc03b9f29f45b95aeb41e7f681dc28388279d7e11c233d3b5235c00 /root/admin.jsp",
+      "content": "Information Exposure Through an Error Message (admin.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n N/A N/A None None  S3 None None None None None fc95b0887dc03b9f29f45b95aeb41e7f681dc28388279d7e11c233d3b5235c00 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44259,7 +44259,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n N/A N/A None None  S3 None None None None None bae03653ab0823182626d77d8ba94f2fab26eccdde7bcb11ddd0fb8dee79d717 /root/basket.jsp",
+      "content": "Reliance on Cookies in a Decision (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n N/A N/A None None  S3 None None None None None bae03653ab0823182626d77d8ba94f2fab26eccdde7bcb11ddd0fb8dee79d717 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44277,7 +44277,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None ae4e2ef51220be9b4ca71ee34ae9d174d093e6dd2da41951bc4ad2139a4dad3f /root/product.jsp",
+      "content": "Empty Password In Connection String (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None ae4e2ef51220be9b4ca71ee34ae9d174d093e6dd2da41951bc4ad2139a4dad3f /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44295,7 +44295,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (password.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None None None None c69d0a9ead39b5990a429c6ed185050ffadfda672b020ac6e7322ef02e72563a /root/password.jsp",
+      "content": "Improper Resource Access Authorization (password.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None None None None c69d0a9ead39b5990a429c6ed185050ffadfda672b020ac6e7322ef02e72563a /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44313,7 +44313,7 @@
   },
   {
     "fields": {
-      "content": "Client Cross Frame Scripting Attack (advanced.jsp) N/A Medium **Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None 51b52607f2a5915cd128ba4e24ce8e22ba019757f074a0ebc27c33d91a55378b /root/advanced.jsp",
+      "content": "Client Cross Frame Scripting Attack (advanced.jsp) N/A Medium **Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None None None None 51b52607f2a5915cd128ba4e24ce8e22ba019757f074a0ebc27c33d91a55378b /root/advanced.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44331,7 +44331,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None d947020e418c747ee99a0accd491030f65895189aefea2a96a390b3e843a9905 /root/password.jsp",
+      "content": "Hardcoded password in Connection String (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None d947020e418c747ee99a0accd491030f65895189aefea2a96a390b3e843a9905 /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44349,7 +44349,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies In Config (web.xml) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65)\n\n N/A N/A None None  S2 None None None None None b29d81fdf7a5477a7badd1a47406a27deb12b90d0b3db17f567344d1ec24e65c /root/WEB-INF/web.xml",
+      "content": "HttpOnlyCookies In Config (web.xml) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65)\n\n N/A N/A None None  S2 None None None None None b29d81fdf7a5477a7badd1a47406a27deb12b90d0b3db17f567344d1ec24e65c /root/WEB-INF/web.xml",
       "content_type": [
         "dojo",
         "test_import"
@@ -44367,7 +44367,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (AdvancedSearch.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 514c8fbd9da03f03f770c9e0ca12d8bb20db50f3a836b4d50f16e0d75b0cca08 /src/com/thebodgeitstore/search/AdvancedSearch.java",
+      "content": "Improper Resource Shutdown or Release (AdvancedSearch.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 514c8fbd9da03f03f770c9e0ca12d8bb20db50f3a836b4d50f16e0d75b0cca08 /src/com/thebodgeitstore/search/AdvancedSearch.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -44385,7 +44385,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (login.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None None None None 0441fee04d6e24c168f5b4b567cc31174f464330f27638f83f80ee87d0d3dc03 /root/login.jsp",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (login.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None None None None 0441fee04d6e24c168f5b4b567cc31174f464330f27638f83f80ee87d0d3dc03 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44403,7 +44403,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None None None None 7be257602d73f6146bbd1c6c4ab4970db0867933a1d2e87675770529b841d800 /root/login.jsp",
+      "content": "CGI Reflected XSS All Clients (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None None None None 7be257602d73f6146bbd1c6c4ab4970db0867933a1d2e87675770529b841d800 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44421,7 +44421,7 @@
   },
   {
     "fields": {
-      "content": "Suspected XSS (password.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** \u003ctd\u003e\u003c%=username%\u003e\u003c/td\u003e\n-----\n N/A N/A None None  S3 None None None None None ff922242dd15286d81f09888a33ad571eca598b615bf4d4b9024af17df42bc17 /root/password.jsp",
+      "content": "Suspected XSS (password.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** <td><%=username%></td>\n-----\n N/A N/A None None  S3 None None None None None ff922242dd15286d81f09888a33ad571eca598b615bf4d4b9024af17df42bc17 /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44439,7 +44439,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (contact.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 964aeee36e5998da77d3229f43830d362838d860d9e30c415fb58e9686a49625 /root/contact.jsp",
+      "content": "Hardcoded password in Connection String (contact.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 964aeee36e5998da77d3229f43830d362838d860d9e30c415fb58e9686a49625 /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44457,7 +44457,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (dbconnection.jspf) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None e57ed13a66f4041fa377af4db5110a50a8f4a67e0c7c2b3e955e4118844a2904 /root/dbconnection.jspf",
+      "content": "Hardcoded password in Connection String (dbconnection.jspf) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None e57ed13a66f4041fa377af4db5110a50a8f4a67e0c7c2b3e955e4118844a2904 /root/dbconnection.jspf",
       "content_type": [
         "dojo",
         "test_import"
@@ -44475,7 +44475,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107)\n\n N/A N/A None None  S3 None None None None None 8fc3621137e4dd32d75801ac6948909b20f671d21ed9dfe89d0e2f49a2554653 /root/register.jsp",
+      "content": "Empty Password In Connection String (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107)\n\n N/A N/A None None  S3 None None None None None 8fc3621137e4dd32d75801ac6948909b20f671d21ed9dfe89d0e2f49a2554653 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44493,7 +44493,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 3988a18fe8f515ab1f92c649f43f20d33e8e8692d00a9dc80f2863342b522698 /root/home.jsp",
+      "content": "Download of Code Without Integrity Check (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 3988a18fe8f515ab1f92c649f43f20d33e8e8692d00a9dc80f2863342b522698 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44511,7 +44511,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None cfc58944e3181521dc3a9ec917dcb54d7a54ebbf3f0e8aaca7fec60a05485c63 /root/home.jsp",
+      "content": "Information Exposure Through an Error Message (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None cfc58944e3181521dc3a9ec917dcb54d7a54ebbf3f0e8aaca7fec60a05485c63 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44529,7 +44529,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (login.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S1 None None None None None 9878411e3b89bc832e58fa15e46d19e2e607309d3df9f152114d5ff62f95f0ce /root/login.jsp",
+      "content": "SQL Injection (login.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S1 None None None None None 9878411e3b89bc832e58fa15e46d19e2e607309d3df9f152114d5ff62f95f0ce /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44547,7 +44547,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (advanced.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S3 None None None None None 35055620006745673ffba1cb3c1e8c09a9fd59f6438e6d45fbbb222a10968120 /root/advanced.jsp",
+      "content": "Empty Password In Connection String (advanced.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S3 None None None None None 35055620006745673ffba1cb3c1e8c09a9fd59f6438e6d45fbbb222a10968120 /root/advanced.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44565,7 +44565,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (score.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S2 None None None None None 60fff62e2e1d2383da91886a96d64905e184a3044037dc2595c3ccf28faacd6c /root/score.jsp",
+      "content": "CGI Stored XSS (score.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S2 None None None None None 60fff62e2e1d2383da91886a96d64905e184a3044037dc2595c3ccf28faacd6c /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44583,7 +44583,7 @@
   },
   {
     "fields": {
-      "content": "Plaintext Storage in a Cookie (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None None None None c81c73f4bd1bb970a016bd7e5f1979af8d05eac71f387b2da9bd4affcaf13f81 /root/basket.jsp",
+      "content": "Plaintext Storage in a Cookie (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None None None None c81c73f4bd1bb970a016bd7e5f1979af8d05eac71f387b2da9bd4affcaf13f81 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44601,7 +44601,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (contact.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n N/A N/A None None  S3 None None None None None 1e74e0c4e0572c6bb5aaee26176b8a40ce024325bbffea1ddbb120bab9d9542c /root/contact.jsp",
+      "content": "Information Exposure Through an Error Message (contact.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n N/A N/A None None  S3 None None None None None 1e74e0c4e0572c6bb5aaee26176b8a40ce024325bbffea1ddbb120bab9d9542c /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44619,7 +44619,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None 4568d7e34ac50ab291c955c8acb368e5abe73de05bd3080e2efc7b00f329600f /root/basket.jsp",
+      "content": "Hardcoded password in Connection String (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n N/A N/A None None  S2 None None None None None 4568d7e34ac50ab291c955c8acb368e5abe73de05bd3080e2efc7b00f329600f /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44637,7 +44637,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (admin.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S1 None None None None None 1f91fef184e69387463ce9719fe9756145e16e76d39609aa5fa3e0eaa1274d05 /root/admin.jsp",
+      "content": "Stored XSS (admin.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S1 None None None None None 1f91fef184e69387463ce9719fe9756145e16e76d39609aa5fa3e0eaa1274d05 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44655,7 +44655,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (admin.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 75a93a572c186be5fe7f5221a64306b5b35dddf605b5e231ffc74442bd3728a4 /root/admin.jsp",
+      "content": "Download of Code Without Integrity Check (admin.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 75a93a572c186be5fe7f5221a64306b5b35dddf605b5e231ffc74442bd3728a4 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44673,7 +44673,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (init.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None afd07fc450ae8609c93797c8fd893028f7d8a9841999facd0a08236696c05841 /root/init.jsp",
+      "content": "Empty Password In Connection String (init.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None afd07fc450ae8609c93797c8fd893028f7d8a9841999facd0a08236696c05841 /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44691,7 +44691,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (login.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n N/A N/A None None  S2 None None None None None 78439e5edd436844bb6dc527f6effe0836b88b0fb946747b7f957da95b479fc2 /root/login.jsp",
+      "content": "Heap Inspection (login.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n N/A N/A None None  S2 None None None None None 78439e5edd436844bb6dc527f6effe0836b88b0fb946747b7f957da95b479fc2 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44709,7 +44709,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 92b54561d5d262a88920162ba7bf19fc0444975582be837047cab5d79c992447 /root/product.jsp",
+      "content": "Download of Code Without Integrity Check (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 92b54561d5d262a88920162ba7bf19fc0444975582be837047cab5d79c992447 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44727,7 +44727,7 @@
   },
   {
     "fields": {
-      "content": "Session Fixation (AdvancedSearch.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n N/A N/A None None  S2 None None None None None f24533b1fc628061c2037eb55ffe66aed6bfa2436fadaf6e424e4905ed238e21 /src/com/thebodgeitstore/search/AdvancedSearch.java",
+      "content": "Session Fixation (AdvancedSearch.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n N/A N/A None None  S2 None None None None None f24533b1fc628061c2037eb55ffe66aed6bfa2436fadaf6e424e4905ed238e21 /src/com/thebodgeitstore/search/AdvancedSearch.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -44745,7 +44745,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (search.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** \u003c%= output %\u003e\n-----\n N/A N/A None None  S1 None None None None None 38321299050d31a3b8168316e30316d786236785a9c31427fb6f2631d3065a7c /root/search.jsp",
+      "content": "Stored XSS (search.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** <%= output %>\n-----\n N/A N/A None None  S1 None None None None None 38321299050d31a3b8168316e30316d786236785a9c31427fb6f2631d3065a7c /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44763,7 +44763,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (dbconnection.jspf) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None 24cd9b35200f9ca729fcccb8348baccd2ddfeee2f22177fd40e46931f8547659 /root/dbconnection.jspf",
+      "content": "Empty Password In Connection String (dbconnection.jspf) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None 24cd9b35200f9ca729fcccb8348baccd2ddfeee2f22177fd40e46931f8547659 /root/dbconnection.jspf",
       "content_type": [
         "dojo",
         "test_import"
@@ -44781,7 +44781,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (init.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 148a501a59e0d04eb52b5cd58b4d654b4a7883e8ad09dcd5801e775113a1000d /root/init.jsp",
+      "content": "Hardcoded password in Connection String (init.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 148a501a59e0d04eb52b5cd58b4d654b4a7883e8ad09dcd5801e775113a1000d /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44799,7 +44799,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "Reflected XSS All Clients (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "test_import"
@@ -44817,7 +44817,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 06cd6507296edca41e97d652a873c31230bf98fa8bdeab477fedb680ff606932 /root/basket.jsp",
+      "content": "HttpOnlyCookies (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 06cd6507296edca41e97d652a873c31230bf98fa8bdeab477fedb680ff606932 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44835,7 +44835,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305)\n\n N/A N/A None None  S2 None None None None None 62f3875efdcf326015adee1ecd85c4ecdca5bc9c4719e5c9177dff8b0afffa1f /root/register.jsp",
+      "content": "Download of Code Without Integrity Check (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305)\n\n N/A N/A None None  S2 None None None None None 62f3875efdcf326015adee1ecd85c4ecdca5bc9c4719e5c9177dff8b0afffa1f /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44853,7 +44853,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (home.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None None None None 0007a2df1ab7dc00f2144451d894f513c7d872e1153a0759982a8c866001cc02 /root/home.jsp",
+      "content": "Stored XSS (home.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None None None None 0007a2df1ab7dc00f2144451d894f513c7d872e1153a0759982a8c866001cc02 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44871,7 +44871,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None 7dba1c0820d0f6017ca3333f7f9a8865a862604c4b13a1eed04666c6e364fa36 /root/home.jsp",
+      "content": "Empty Password In Connection String (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None 7dba1c0820d0f6017ca3333f7f9a8865a862604c4b13a1eed04666c6e364fa36 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44889,7 +44889,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (register.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None None None None 95568708fa568cc74c7ef8279b87869ebc932305da1878dbb1b7597c75a57bc1 /root/register.jsp",
+      "content": "Reflected XSS All Clients (register.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None None None None 95568708fa568cc74c7ef8279b87869ebc932305da1878dbb1b7597c75a57bc1 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44907,7 +44907,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None b037e71624f50f74cfbd0f0cd561daa1e87b1ac3690b19b1d3fe3c36ef452628 /root/product.jsp",
+      "content": "Improper Resource Access Authorization (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None b037e71624f50f74cfbd0f0cd561daa1e87b1ac3690b19b1d3fe3c36ef452628 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44925,7 +44925,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 945eb840563ed9b29b08ff0838d391e775d2e45f26817ad0b321b41e608564cf /root/password.jsp",
+      "content": "Download of Code Without Integrity Check (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 945eb840563ed9b29b08ff0838d391e775d2e45f26817ad0b321b41e608564cf /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44943,7 +44943,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (score.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307)\n\n N/A N/A None None  S2 None None None None None 6e270eb7494286a67571f0d33112e997365a0de45a119ef8199d270c32d806ab /root/score.jsp",
+      "content": "Download of Code Without Integrity Check (score.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307)\n\n N/A N/A None None  S2 None None None None None 6e270eb7494286a67571f0d33112e997365a0de45a119ef8199d270c32d806ab /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44961,7 +44961,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n N/A N/A None None  S3 None None None None None 76a4b74903cac92c02f0d0c7eca32f417f6ce4a3fb04f16eff17cfc0e8f8df7f /root/basket.jsp",
+      "content": "Improper Resource Access Authorization (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n N/A N/A None None  S3 None None None None None 76a4b74903cac92c02f0d0c7eca32f417f6ce4a3fb04f16eff17cfc0e8f8df7f /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44979,7 +44979,7 @@
   },
   {
     "fields": {
-      "content": "Race Condition Format Flaw (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\" + nf.format(pricetopay) + \"\");\n-----\n N/A N/A None None  S3 None None None None None 3db6ca06969817d45acccd02c0ba65067c1e11e9d4d7c34c7301612e63b2f75a /root/basket.jsp",
+      "content": "Race Condition Format Flaw (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\" + nf.format(pricetopay) + \"\");\n-----\n N/A N/A None None  S3 None None None None None 3db6ca06969817d45acccd02c0ba65067c1e11e9d4d7c34c7301612e63b2f75a /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -44997,7 +44997,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n N/A N/A None None  S3 None None None None None 66ad49b768c1dcb417d1047d6a3e134473f45969fdc41c529a37088dec29804e /root/header.jsp",
+      "content": "Empty Password In Connection String (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n N/A N/A None None  S3 None None None None None 66ad49b768c1dcb417d1047d6a3e134473f45969fdc41c529a37088dec29804e /root/header.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45015,7 +45015,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (FunctionalZAP.java) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n N/A N/A None None  S3 None None None None None 174ea52e3d43e0e3089705762ecd259a74bdb4c592473a8c4615c8d37e840725 /src/com/thebodgeitstore/selenium/tests/FunctionalZAP.java",
+      "content": "Improper Resource Access Authorization (FunctionalZAP.java) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n N/A N/A None None  S3 None None None None None 174ea52e3d43e0e3089705762ecd259a74bdb4c592473a8c4615c8d37e840725 /src/com/thebodgeitstore/selenium/tests/FunctionalZAP.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -45033,7 +45033,7 @@
   },
   {
     "fields": {
-      "content": "Suspected XSS (contact.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S3 None None None None None cecce89612fa88ff6270b822a8840911536f983c5ab580f5e7df0ec93a95884a /root/contact.jsp",
+      "content": "Suspected XSS (contact.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S3 None None None None None cecce89612fa88ff6270b822a8840911536f983c5ab580f5e7df0ec93a95884a /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45051,7 +45051,7 @@
   },
   {
     "fields": {
-      "content": "Use of Cryptographically Weak PRNG (init.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None afa0b4d8453f20629d5863f0cb1b8d4e31bf2e8c4476db973a78731ffcf08bd2 /root/init.jsp",
+      "content": "Use of Cryptographically Weak PRNG (init.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None afa0b4d8453f20629d5863f0cb1b8d4e31bf2e8c4476db973a78731ffcf08bd2 /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45069,7 +45069,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None None None None 1aec22aeffa8b6201ad60b0a0d2b166ddbaefca6ab534bbc4d2a827bc02f5c20 /root/product.jsp",
+      "content": "CGI Stored XSS (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None None None None 1aec22aeffa8b6201ad60b0a0d2b166ddbaefca6ab534bbc4d2a827bc02f5c20 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45087,7 +45087,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (init.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None 2a7f9ff0b80ef53370128384650fe897d773383109c7d171159cbfbc232476e2 /root/init.jsp",
+      "content": "Improper Resource Shutdown or Release (init.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None 2a7f9ff0b80ef53370128384650fe897d773383109c7d171159cbfbc232476e2 /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45105,7 +45105,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (header.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n N/A N/A None None  S2 None None None None None bef5f29fc5d5f44cef3dd5db1aaeeb5f2e5d7480a197045e6d176f0ab26b5fa2 /root/header.jsp",
+      "content": "Download of Code Without Integrity Check (header.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n N/A N/A None None  S2 None None None None None bef5f29fc5d5f44cef3dd5db1aaeeb5f2e5d7480a197045e6d176f0ab26b5fa2 /root/header.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45123,7 +45123,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45141,7 +45141,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None None None None 2de5b8ed091eaaf750260b056239152b81363c790977699374b03d93e1d28551 /root/login.jsp",
+      "content": "Blind SQL Injections (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None None None None 2de5b8ed091eaaf750260b056239152b81363c790977699374b03d93e1d28551 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45159,7 +45159,7 @@
   },
   {
     "fields": {
-      "content": "Client DOM Open Redirect (advanced.jsp) N/A Low **Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** New Search\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** New Search\n-----\n N/A N/A None None  S3 None None None None None 3173d904f9ac1a4779a3b5fd52f271e6a7871d6cb5387d2ced15025a4a15db93 /root/advanced.jsp",
+      "content": "Client DOM Open Redirect (advanced.jsp) N/A Low **Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** New Search\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** New Search\n-----\n N/A N/A None None  S3 None None None None None 3173d904f9ac1a4779a3b5fd52f271e6a7871d6cb5387d2ced15025a4a15db93 /root/advanced.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45177,7 +45177,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (search.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None 775723c89fdaed1cc6b85ecc489c028159d261e95e7ad4ad80d03ddd63bc99ea /root/search.jsp",
+      "content": "Hardcoded password in Connection String (search.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S2 None None None None None 775723c89fdaed1cc6b85ecc489c028159d261e95e7ad4ad80d03ddd63bc99ea /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45195,7 +45195,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S2 None None None None None 9e3aa3082f7d93e52f9bfe97630e9fd6f6c04c5791dd22505ab238d1a6bf9242 /root/basket.jsp",
+      "content": "CGI Stored XSS (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S2 None None None None None 9e3aa3082f7d93e52f9bfe97630e9fd6f6c04c5791dd22505ab238d1a6bf9242 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45213,7 +45213,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (init.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 2fe1558daec12a621f0504714bee44be8d382a57c7cdda160ddad8a2e8b8ca48 /root/init.jsp",
+      "content": "Use of Insufficiently Random Values (init.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 2fe1558daec12a621f0504714bee44be8d382a57c7cdda160ddad8a2e8b8ca48 /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45231,7 +45231,7 @@
   },
   {
     "fields": {
-      "content": "Missing X Frame Options (web.xml) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S3 None None None None None 5fb0f064b2f7098c57e1115b391bf7a6eb57feae63c2848b916a5b79dccf66f3 /build/WEB-INF/web.xml",
+      "content": "Missing X Frame Options (web.xml) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S3 None None None None None 5fb0f064b2f7098c57e1115b391bf7a6eb57feae63c2848b916a5b79dccf66f3 /build/WEB-INF/web.xml",
       "content_type": [
         "dojo",
         "test_import"
@@ -45249,7 +45249,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (search.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"alert(\\\"xss\\\")\") \u003e= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** You searched for: \u003c%= query %\u003e\n-----\n N/A N/A None None  S1 None None None None None 86efaa45244686266a1c4f1aef52d60ce791dd4cb64feebe5b214db5838b8e06 /root/search.jsp",
+      "content": "Reflected XSS All Clients (search.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"alert(\\\"xss\\\")\") >= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** You searched for: <%= query %>\n-----\n N/A N/A None None  S1 None None None None None 86efaa45244686266a1c4f1aef52d60ce791dd4cb64feebe5b214db5838b8e06 /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45267,7 +45267,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (basket.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None None None None 7d988ddc1b32f65ada9bd17516943b28e33458ea570ce92843bdb49e7a7e22fb /root/basket.jsp",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (basket.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None None None None 7d988ddc1b32f65ada9bd17516943b28e33458ea570ce92843bdb49e7a7e22fb /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45285,7 +45285,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 1c24c0fc04774515bc6dc38386250282055e0585ae71b405586b552ca04b31c9 /root/score.jsp",
+      "content": "Information Exposure Through an Error Message (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 1c24c0fc04774515bc6dc38386250282055e0585ae71b405586b552ca04b31c9 /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45303,7 +45303,7 @@
   },
   {
     "fields": {
-      "content": "Use of Hard coded Cryptographic Key (AdvancedSearch.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n N/A N/A None None  S2 None None None None None d68d7152bc4b3f069aa236ff41cab28da77d7e668b77cb4de10ae8bf7a2e85be /src/com/thebodgeitstore/search/AdvancedSearch.java",
+      "content": "Use of Hard coded Cryptographic Key (AdvancedSearch.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n N/A N/A None None  S2 None None None None None d68d7152bc4b3f069aa236ff41cab28da77d7e668b77cb4de10ae8bf7a2e85be /src/com/thebodgeitstore/search/AdvancedSearch.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -45321,7 +45321,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (register.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None None None None 84c57ed3e3723016b9425c8549bd0faab967538a59e072c2dc5c85974a72bf41 /root/register.jsp",
+      "content": "Reliance on Cookies in a Decision (register.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None None None None 84c57ed3e3723016b9425c8549bd0faab967538a59e072c2dc5c85974a72bf41 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45339,7 +45339,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n N/A N/A None None  S1 None None None None None 2dc7787335253be93ebb64d3ad632116363f3a5821c070db4cc28c18a0eee09e /root/contact.jsp",
+      "content": "Stored XSS (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n N/A N/A None None  S1 None None None None None 2dc7787335253be93ebb64d3ad632116363f3a5821c070db4cc28c18a0eee09e /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45357,7 +45357,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (admin.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S2 None None None None None 45fe7a9d8b946b2cbc6aaf8b5e36608cc629e5f388f91433664d3c2f19a29991 /root/admin.jsp",
+      "content": "CGI Stored XSS (admin.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S2 None None None None None 45fe7a9d8b946b2cbc6aaf8b5e36608cc629e5f388f91433664d3c2f19a29991 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45375,7 +45375,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (register.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None None None None 6e5f6914b0e963152cff1f6b9fe1c39a2f177979e6885bdbac5bd88f1d40d8cd /root/register.jsp",
+      "content": "Heap Inspection (register.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None None None None 6e5f6914b0e963152cff1f6b9fe1c39a2f177979e6885bdbac5bd88f1d40d8cd /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45393,7 +45393,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (search.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 763571cd8b09d88baae5cc8bc9d755e2401e204c335894933401186d14be3992 /root/search.jsp",
+      "content": "Improper Resource Shutdown or Release (search.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 763571cd8b09d88baae5cc8bc9d755e2401e204c335894933401186d14be3992 /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45411,7 +45411,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") \u003e= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 508298807b8bd2787b58a49d31bd3f056293c7656e8936eb2e478b3636fa5e19 /root/register.jsp",
+      "content": "Information Exposure Through an Error Message (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") >= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 508298807b8bd2787b58a49d31bd3f056293c7656e8936eb2e478b3636fa5e19 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45429,7 +45429,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (init.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None 1544a01109756bdb265135b3dbc4efca3a22c8d19fa9b50407c94760f04d5610 /root/init.jsp",
+      "content": "Improper Resource Access Authorization (init.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None 1544a01109756bdb265135b3dbc4efca3a22c8d19fa9b50407c94760f04d5610 /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45447,7 +45447,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (header.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n N/A N/A None None  S2 None None None None None d6251c8822044d55511b364098e264ca2113391d999c6aefe5c1cca3743e2f2d /root/header.jsp",
+      "content": "CGI Stored XSS (header.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n N/A N/A None None  S2 None None None None None d6251c8822044d55511b364098e264ca2113391d999c6aefe5c1cca3743e2f2d /root/header.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45465,7 +45465,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None None None None f8234be5bed59174a5f1f4efef0acb152b788f55c1804e2abbc185fe69ceea31 /root/basket.jsp",
+      "content": "Blind SQL Injections (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None None None None f8234be5bed59174a5f1f4efef0acb152b788f55c1804e2abbc185fe69ceea31 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45483,7 +45483,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies In Config (web.xml) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S2 None None None None None 7d3502f71ea947677c3ae5e39ae8da99c7024c3820a1c546bbdfe3ea4a0fdfc0 /build/WEB-INF/web.xml",
+      "content": "HttpOnlyCookies In Config (web.xml) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S2 None None None None None 7d3502f71ea947677c3ae5e39ae8da99c7024c3820a1c546bbdfe3ea4a0fdfc0 /build/WEB-INF/web.xml",
       "content_type": [
         "dojo",
         "test_import"
@@ -45501,7 +45501,7 @@
   },
   {
     "fields": {
-      "content": "Use of Hard coded Cryptographic Key (AES.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n N/A N/A None None  S2 None None None None None 779b4fe3dd494b8c323ddb7cb879f60051ac263904a16ac65af5a210cf797c0b /src/com/thebodgeitstore/util/AES.java",
+      "content": "Use of Hard coded Cryptographic Key (AES.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n N/A N/A None None  S2 None None None None None 779b4fe3dd494b8c323ddb7cb879f60051ac263904a16ac65af5a210cf797c0b /src/com/thebodgeitstore/util/AES.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -45519,7 +45519,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (score.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 326fbad527801598a49946804f53bff975023eeb4c7c992932611d45d0b46201 /root/score.jsp",
+      "content": "Improper Resource Shutdown or Release (score.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 326fbad527801598a49946804f53bff975023eeb4c7c992932611d45d0b46201 /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45537,7 +45537,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S2 None None None None None d818b17afca02a70991162f0cf5fbb16d2fef322b72c5c77b4c32bd209b3dc02 /root/basket.jsp",
+      "content": "CGI Reflected XSS All Clients (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S2 None None None None None d818b17afca02a70991162f0cf5fbb16d2fef322b72c5c77b4c32bd209b3dc02 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45555,7 +45555,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (score.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S1 None None None None None 926d5bb4d3abbed178afd6c5ffb752e6774908ad90893262c187e71e3197f31d /root/score.jsp",
+      "content": "Stored XSS (score.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S1 None None None None None 926d5bb4d3abbed178afd6c5ffb752e6774908ad90893262c187e71e3197f31d /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45573,7 +45573,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None cfa4c706348e59de8b65228daccc21474abf67877a50dec0efa031e947d2e3bd /root/basket.jsp",
+      "content": "Information Exposure Through an Error Message (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None cfa4c706348e59de8b65228daccc21474abf67877a50dec0efa031e947d2e3bd /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45591,7 +45591,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n N/A N/A None None  S3 None None None None None b493926fdab24fe92c9c28363e72429e66631bd5056f574ddefb983212933d10 /root/search.jsp",
+      "content": "Improper Resource Access Authorization (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n N/A N/A None None  S3 None None None None None b493926fdab24fe92c9c28363e72429e66631bd5056f574ddefb983212933d10 /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45609,7 +45609,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 40f3e776293c5c19ac7b521181adfef56ed09288fa417f519d1cc6071cba8a17 /root/home.jsp",
+      "content": "Improper Resource Access Authorization (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 40f3e776293c5c19ac7b521181adfef56ed09288fa417f519d1cc6071cba8a17 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45627,7 +45627,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (admin.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 8332e5bd42770868b5db865ca9017c31fcea5a91cff250c4341dc73ed5fdb6e6 /root/admin.jsp",
+      "content": "Improper Resource Shutdown or Release (admin.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 8332e5bd42770868b5db865ca9017c31fcea5a91cff250c4341dc73ed5fdb6e6 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45645,7 +45645,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 641ba17f6201ed5f40524a90c0e0fc03d8a4731528be567b639362cef3f20ef2 /root/search.jsp",
+      "content": "Information Exposure Through an Error Message (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 641ba17f6201ed5f40524a90c0e0fc03d8a4731528be567b639362cef3f20ef2 /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45663,7 +45663,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None None None None c3fb1583f06a0ce7bee2084607680b357d63dd8f9cc56d5d09f0601a3c62a336 /root/register.jsp",
+      "content": "Blind SQL Injections (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None None None None c3fb1583f06a0ce7bee2084607680b357d63dd8f9cc56d5d09f0601a3c62a336 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45681,7 +45681,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (login.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None None None None 11b43c1ce56100d6a92b74b27d6e6901f3822b44c4b6e8437a7622f71c3a58a9 /root/login.jsp",
+      "content": "Reliance on Cookies in a Decision (login.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None None None None 11b43c1ce56100d6a92b74b27d6e6901f3822b44c4b6e8437a7622f71c3a58a9 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45699,7 +45699,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (search.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None 7a001d11b5d7d20f5215658fc735a31e530696faddeae3eacf81662d4870e89a /root/search.jsp",
+      "content": "Download of Code Without Integrity Check (search.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S2 None None None None None 7a001d11b5d7d20f5215658fc735a31e530696faddeae3eacf81662d4870e89a /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45717,7 +45717,7 @@
   },
   {
     "fields": {
-      "content": "Unsynchronized Access To Shared Data (AdvancedSearch.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n N/A N/A None None  S3 None None None None None dc13f474e6f512cb31374bfa4658ce7a866d6b832d40742e784ef14f6513ab87 /src/com/thebodgeitstore/search/AdvancedSearch.java",
+      "content": "Unsynchronized Access To Shared Data (AdvancedSearch.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n N/A N/A None None  S3 None None None None None dc13f474e6f512cb31374bfa4658ce7a866d6b832d40742e784ef14f6513ab87 /src/com/thebodgeitstore/search/AdvancedSearch.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -45735,7 +45735,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S3 None None None None None 63f306f6577c64ad2d38ddd3985cc649b11dd360f7a962e98cb63686c89b2b95 /root/search.jsp",
+      "content": "Empty Password In Connection String (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S3 None None None None None 63f306f6577c64ad2d38ddd3985cc649b11dd360f7a962e98cb63686c89b2b95 /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45753,7 +45753,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45771,7 +45771,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 5b24a32f74c75879a1adc65bf89b03bb64f81565dbd6a2240149f2ce1bd27d40 /root/score.jsp",
+      "content": "Improper Resource Access Authorization (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 5b24a32f74c75879a1adc65bf89b03bb64f81565dbd6a2240149f2ce1bd27d40 /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45789,7 +45789,7 @@
   },
   {
     "fields": {
-      "content": "Session Fixation (logout.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n N/A N/A None None  S2 None None None None None 08569015fcc466a18ab405324d0dfe6af4b141110e47b73226ea117ecd44ff10 /root/logout.jsp",
+      "content": "Session Fixation (logout.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n N/A N/A None None  S2 None None None None None 08569015fcc466a18ab405324d0dfe6af4b141110e47b73226ea117ecd44ff10 /root/logout.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45807,7 +45807,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802)\n\n N/A N/A None None  S2 None None None None None fd480c121d5e26af3fb8c7ec89137aab25d86e44ff154f5aae742384cf80a2dd /root/login.jsp",
+      "content": "Hardcoded password in Connection String (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802)\n\n N/A N/A None None  S2 None None None None None fd480c121d5e26af3fb8c7ec89137aab25d86e44ff154f5aae742384cf80a2dd /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45825,7 +45825,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (advanced.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None b755a0cc07b69b72eb284df102459af7c502318c53c769999ec925d0da354d44 /root/advanced.jsp",
+      "content": "Hardcoded password in Connection String (advanced.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None None None None b755a0cc07b69b72eb284df102459af7c502318c53c769999ec925d0da354d44 /root/advanced.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45843,7 +45843,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None None None None 70d68584520c7bc1b47ca45fc75b42460659a52957a10fe2a99858c32b329ae1 /root/login.jsp",
+      "content": "Improper Resource Access Authorization (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None None None None 70d68584520c7bc1b47ca45fc75b42460659a52957a10fe2a99858c32b329ae1 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45861,7 +45861,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 920ba1bf2ab979534eda06dd720ba0baa9cff2b1c14fd1ad56e89a5d656ed2f9 /root/header.jsp",
+      "content": "Improper Resource Access Authorization (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 920ba1bf2ab979534eda06dd720ba0baa9cff2b1c14fd1ad56e89a5d656ed2f9 /root/header.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45879,7 +45879,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109)\n\n N/A N/A None None  S3 None None None None None 6bea74fa6a2e15eb4e272fd8033b63984cb1cfefd52189c7031b58d7bd325f44 /root/score.jsp",
+      "content": "Empty Password In Connection String (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109)\n\n N/A N/A None None  S3 None None None None None 6bea74fa6a2e15eb4e272fd8033b63984cb1cfefd52189c7031b58d7bd325f44 /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45897,7 +45897,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (password.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n N/A N/A None None  S3 None None None None None 97e071423b295531965759c3641effa4a92e8e67f5ae40a3248a0a296aada52d /root/password.jsp",
+      "content": "Improper Resource Shutdown or Release (password.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n N/A N/A None None  S3 None None None None None 97e071423b295531965759c3641effa4a92e8e67f5ae40a3248a0a296aada52d /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45915,7 +45915,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (product.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 810541dc4d59d52088c1c29bfbb5ed70b10bfa657980a3099b26ff8799955f28 /root/product.jsp",
+      "content": "Improper Resource Shutdown or Release (product.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 810541dc4d59d52088c1c29bfbb5ed70b10bfa657980a3099b26ff8799955f28 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45933,7 +45933,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100)\n\n N/A N/A None None  S3 None None None None None eba9a993ff2b55ebdda24cb3c0fbc777bd7bcf038a01463f56b2f472f5a95296 /root/login.jsp",
+      "content": "Empty Password In Connection String (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100)\n\n N/A N/A None None  S3 None None None None None eba9a993ff2b55ebdda24cb3c0fbc777bd7bcf038a01463f56b2f472f5a95296 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45951,7 +45951,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None af0420cc3c001e6a1c65aceb86644080bcdb3f08b6be7cfc96a3bb3e20685afb /root/login.jsp",
+      "content": "Information Exposure Through an Error Message (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None af0420cc3c001e6a1c65aceb86644080bcdb3f08b6be7cfc96a3bb3e20685afb /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45969,7 +45969,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (contact.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None None None None 78ceea05b00023deec3b210877d332bf03d07b237e8339f508a18c62b1146f88 /root/contact.jsp",
+      "content": "Use of Insufficiently Random Values (contact.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None None None None 78ceea05b00023deec3b210877d332bf03d07b237e8339f508a18c62b1146f88 /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -45987,7 +45987,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S1 None None None None None 9384efff38eaa33266a2f5888dea18392a0e8b658b770fcfed268f06d3a1052d /root/contact.jsp",
+      "content": "Stored XSS (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S1 None None None None None 9384efff38eaa33266a2f5888dea18392a0e8b658b770fcfed268f06d3a1052d /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46005,7 +46005,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 93595b491f79115f85df3ef403cfc4ecd34e22dedf95aa24fbc18f56039d26f3 /root/login.jsp",
+      "content": "HttpOnlyCookies (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 93595b491f79115f85df3ef403cfc4ecd34e22dedf95aa24fbc18f56039d26f3 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46023,7 +46023,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (register.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None None None None ebfe755d6f8f91724d9d8a0672c12dce0200f818bce80b7fcaab30987b124a99 /root/register.jsp",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (register.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None None None None ebfe755d6f8f91724d9d8a0672c12dce0200f818bce80b7fcaab30987b124a99 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46041,7 +46041,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 584b05859f76b43b2736a28ac1c8ac88497704d0f31868218fcda9077396a215 /root/header.jsp",
+      "content": "Information Exposure Through an Error Message (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 584b05859f76b43b2736a28ac1c8ac88497704d0f31868218fcda9077396a215 /root/header.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46059,7 +46059,7 @@
   },
   {
     "fields": {
-      "content": "Race Condition Format Flaw (product.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\" + nf.format(price) + \"\");\n-----\n N/A N/A None None  S3 None None None None None b1306a4177b37bad4dbe763419df19ec56d7442262be5dfeff6d346b3b900ad1 /root/product.jsp",
+      "content": "Race Condition Format Flaw (product.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\" + nf.format(price) + \"\");\n-----\n N/A N/A None None  S3 None None None None None b1306a4177b37bad4dbe763419df19ec56d7442262be5dfeff6d346b3b900ad1 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46077,7 +46077,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (product.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n N/A N/A None None  S1 None None None None None 59304c367c39a7f0983c4ef2f90a13207866a37422ff5cc03db07d0efe46aed2 /root/product.jsp",
+      "content": "Stored XSS (product.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n N/A N/A None None  S1 None None None None None 59304c367c39a7f0983c4ef2f90a13207866a37422ff5cc03db07d0efe46aed2 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46095,7 +46095,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46113,7 +46113,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (init.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 28820e0352bb80a1d3c1085204cfeb522ddd29ee680ae46350260bf63359646f /root/init.jsp",
+      "content": "Heap Inspection (init.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 28820e0352bb80a1d3c1085204cfeb522ddd29ee680ae46350260bf63359646f /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46131,7 +46131,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (contact.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "CGI Reflected XSS All Clients (contact.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "test_import"
@@ -46149,7 +46149,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (contact.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None ce6c5523b17b77be323a526e757f04235f6d8a3023ac5208b12b7c34de4fcbb6 /root/contact.jsp",
+      "content": "Empty Password In Connection String (contact.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None ce6c5523b17b77be323a526e757f04235f6d8a3023ac5208b12b7c34de4fcbb6 /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46167,7 +46167,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n N/A N/A None None  S3 None None None None None 85b4b54f401f88fb286b6442b56fecb5922a025504207d94f5835e4b9e4c3d49 /root/product.jsp",
+      "content": "Information Exposure Through an Error Message (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n N/A N/A None None  S3 None None None None None 85b4b54f401f88fb286b6442b56fecb5922a025504207d94f5835e4b9e4c3d49 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46185,7 +46185,7 @@
   },
   {
     "fields": {
-      "content": "XSRF (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S2 None None None None None 371010ba334ccc433d73bf0c9cdaec557d5f7ec338c6f925d8a71763a228d473 /root/password.jsp",
+      "content": "XSRF (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S2 None None None None None 371010ba334ccc433d73bf0c9cdaec557d5f7ec338c6f925d8a71763a228d473 /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46203,7 +46203,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (advanced.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None ea8b569d6c5fe9dba625c6540acd9880534f7a19a5bf4b84fb838ad65d08d26f /root/advanced.jsp",
+      "content": "Download of Code Without Integrity Check (advanced.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None None None None ea8b569d6c5fe9dba625c6540acd9880534f7a19a5bf4b84fb838ad65d08d26f /root/advanced.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46221,7 +46221,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None None None None d0e517ef410747c79f882b9fc73a04a92ef6b4792017378ae5c4a39e21a921c5 /root/register.jsp",
+      "content": "Improper Resource Access Authorization (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None None None None d0e517ef410747c79f882b9fc73a04a92ef6b4792017378ae5c4a39e21a921c5 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46257,7 +46257,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (register.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S1 None None None None None c49c87192b6b4f17151a471fd9d1bf3b302bca08781d67806c6556fe720af1b0 /root/register.jsp",
+      "content": "SQL Injection (register.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S1 None None None None None c49c87192b6b4f17151a471fd9d1bf3b302bca08781d67806c6556fe720af1b0 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46275,7 +46275,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298)\n\n N/A N/A None None  S2 None None None None None a9c3269038ed8a49c4e7576b359f61a65a3bd82c163089bc20743e5a14aa0ab5 /root/login.jsp",
+      "content": "Download of Code Without Integrity Check (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298)\n\n N/A N/A None None  S2 None None None None None a9c3269038ed8a49c4e7576b359f61a65a3bd82c163089bc20743e5a14aa0ab5 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46293,7 +46293,7 @@
   },
   {
     "fields": {
-      "content": "Missing X Frame Options (web.xml) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84)\n\n N/A N/A None None  S3 None None None None None 418f79f7a59a306d5e46aa4af1924b64200aed234ae994dcd66485eb30bbe869 /root/WEB-INF/web.xml",
+      "content": "Missing X Frame Options (web.xml) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84)\n\n N/A N/A None None  S3 None None None None None 418f79f7a59a306d5e46aa4af1924b64200aed234ae994dcd66485eb30bbe869 /root/WEB-INF/web.xml",
       "content_type": [
         "dojo",
         "test_import"
@@ -46311,7 +46311,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (AdvancedSearch.java) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n N/A N/A None None  S3 None None None None None 21c80d580d9f1de55f6179e2a08e5684f46c9734d79cf701b2ff25e6776ccdfc /src/com/thebodgeitstore/search/AdvancedSearch.java",
+      "content": "Information Exposure Through an Error Message (AdvancedSearch.java) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n N/A N/A None None  S3 None None None None None 21c80d580d9f1de55f6179e2a08e5684f46c9734d79cf701b2ff25e6776ccdfc /src/com/thebodgeitstore/search/AdvancedSearch.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -46329,7 +46329,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (home.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None fffd29bd0973269ddbbed2e210926c04d42cb12037117261626b95bd52bcff27 /root/home.jsp",
+      "content": "Improper Resource Shutdown or Release (home.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None fffd29bd0973269ddbbed2e210926c04d42cb12037117261626b95bd52bcff27 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46347,7 +46347,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (basket.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S1 None None None None None 3406086ac5988ee8b55f70c618daf86c21702bb3c4c00e4607e5c21c2e3d3828 /root/basket.jsp",
+      "content": "Reflected XSS All Clients (basket.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S1 None None None None None 3406086ac5988ee8b55f70c618daf86c21702bb3c4c00e4607e5c21c2e3d3828 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46365,7 +46365,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 24e74e8be8b222cf0b17c034d03c5b43a130c2b960095eb44c55f470e50f6924 /root/register.jsp",
+      "content": "HttpOnlyCookies (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 24e74e8be8b222cf0b17c034d03c5b43a130c2b960095eb44c55f470e50f6924 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46383,7 +46383,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None None None None a91b30b026cda759c2608e1c8216cdd13e265c030b8c47f4690cd2182e4ad166 /root/register.jsp",
+      "content": "CGI Reflected XSS All Clients (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None None None None a91b30b026cda759c2608e1c8216cdd13e265c030b8c47f4690cd2182e4ad166 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46401,7 +46401,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None bfd9b74841c8d988d57c99353742f1e3180934ca6be2149a3fb7377329b57b33 /root/product.jsp",
+      "content": "Hardcoded password in Connection String (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None bfd9b74841c8d988d57c99353742f1e3180934ca6be2149a3fb7377329b57b33 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46419,7 +46419,7 @@
   },
   {
     "fields": {
-      "content": "Client Insecure Randomness (encryption.js) N/A Low **Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n N/A N/A None None  S3 None None None None None 9b003338465e31c37f36b2a2d9b01bf9003d1d2631e2c409b3d19d02c93a20b6 /root/js/encryption.js",
+      "content": "Client Insecure Randomness (encryption.js) N/A Low **Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n N/A N/A None None  S3 None None None None None 9b003338465e31c37f36b2a2d9b01bf9003d1d2631e2c409b3d19d02c93a20b6 /root/js/encryption.js",
       "content_type": [
         "dojo",
         "test_import"
@@ -46437,7 +46437,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (password.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S1 None None None None None 684ee38b55ea509e6c2be4a58ec52ba5d7e0c1952e09f8c8ca2bf0675650bd8f /root/password.jsp",
+      "content": "SQL Injection (password.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S1 None None None None None 684ee38b55ea509e6c2be4a58ec52ba5d7e0c1952e09f8c8ca2bf0675650bd8f /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46455,7 +46455,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (basket.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S1 None None None None None 99fb15b31049df2445ac3fd8729cbccbc6a19e4e410c3eb0ef95908c00b78fd7 /root/basket.jsp",
+      "content": "Stored XSS (basket.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S1 None None None None None 99fb15b31049df2445ac3fd8729cbccbc6a19e4e410c3eb0ef95908c00b78fd7 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46473,7 +46473,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None None None None 541eb71776b2d297f9aa790c52297b4f7d26acb0bce7de33bda136fdefe43cb7 /root/home.jsp",
+      "content": "CGI Stored XSS (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None None None None 541eb71776b2d297f9aa790c52297b4f7d26acb0bce7de33bda136fdefe43cb7 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46491,7 +46491,7 @@
   },
   {
     "fields": {
-      "content": "Not Using a Random IV with CBC Mode (AES.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n N/A N/A None None  S3 None None None None None e5ac755dbe3bfd23995c8d5a99779d188440c9e573d79b44130d90468d41439c /src/com/thebodgeitstore/util/AES.java",
+      "content": "Not Using a Random IV with CBC Mode (AES.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n N/A N/A None None  S3 None None None None None e5ac755dbe3bfd23995c8d5a99779d188440c9e573d79b44130d90468d41439c /src/com/thebodgeitstore/util/AES.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -46509,7 +46509,7 @@
   },
   {
     "fields": {
-      "content": "Collapse of Data into Unsafe Value (contact.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "Collapse of Data into Unsafe Value (contact.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "test_import"
@@ -46527,7 +46527,7 @@
   },
   {
     "fields": {
-      "content": "Stored Boundary Violation (login.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S3 None None None None None b0de3516ab323f5577e6ad94803e2ddf541214bbae868bf34e828ba3a4d966ca /root/login.jsp",
+      "content": "Stored Boundary Violation (login.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S3 None None None None None b0de3516ab323f5577e6ad94803e2ddf541214bbae868bf34e828ba3a4d966ca /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46545,7 +46545,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 13ceb3acfb49f194493bfb0af44f5f886a9767aa1c6990c8a397af756d97209c /root/home.jsp",
+      "content": "Hardcoded password in Connection String (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 13ceb3acfb49f194493bfb0af44f5f886a9767aa1c6990c8a397af756d97209c /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46563,7 +46563,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (password.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None None None None 8d7b5f3962f521cd5c2dc40e4ef9a7cc10cfc30efb90f4b5841e8e5463656c61 /root/password.jsp",
+      "content": "Blind SQL Injections (password.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None None None None 8d7b5f3962f521cd5c2dc40e4ef9a7cc10cfc30efb90f4b5841e8e5463656c61 /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46581,7 +46581,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (password.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None None None None 2237f06cb695ec1da91d51cab9fb037d8a9e84f1aa9ddbfeef59eef1a65af47e /root/password.jsp",
+      "content": "Heap Inspection (password.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None None None None 2237f06cb695ec1da91d51cab9fb037d8a9e84f1aa9ddbfeef59eef1a65af47e /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46599,7 +46599,7 @@
   },
   {
     "fields": {
-      "content": "Use of Cryptographically Weak PRNG (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None None None None 05880cd0576bed75819cae74abce873fdcce5f857ec95d937a458b0ca0a49195 /root/home.jsp",
+      "content": "Use of Cryptographically Weak PRNG (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None None None None 05880cd0576bed75819cae74abce873fdcce5f857ec95d937a458b0ca0a49195 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46617,7 +46617,7 @@
   },
   {
     "fields": {
-      "content": "Trust Boundary Violation (login.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S2 None None None None None 9ec4ce27f48767b96297ef3cb8eabba1814ea08a02801692a669540c5a7ce019 /root/login.jsp",
+      "content": "Trust Boundary Violation (login.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S2 None None None None None 9ec4ce27f48767b96297ef3cb8eabba1814ea08a02801692a669540c5a7ce019 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46635,7 +46635,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (admin.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n N/A N/A None None  S3 None None None None None fc95b0887dc03b9f29f45b95aeb41e7f681dc28388279d7e11c233d3b5235c00 /root/admin.jsp",
+      "content": "Information Exposure Through an Error Message (admin.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n N/A N/A None None  S3 None None None None None fc95b0887dc03b9f29f45b95aeb41e7f681dc28388279d7e11c233d3b5235c00 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46653,7 +46653,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n N/A N/A None None  S3 None None None None None bae03653ab0823182626d77d8ba94f2fab26eccdde7bcb11ddd0fb8dee79d717 /root/basket.jsp",
+      "content": "Reliance on Cookies in a Decision (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n N/A N/A None None  S3 None None None None None bae03653ab0823182626d77d8ba94f2fab26eccdde7bcb11ddd0fb8dee79d717 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46671,7 +46671,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None ae4e2ef51220be9b4ca71ee34ae9d174d093e6dd2da41951bc4ad2139a4dad3f /root/product.jsp",
+      "content": "Empty Password In Connection String (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None ae4e2ef51220be9b4ca71ee34ae9d174d093e6dd2da41951bc4ad2139a4dad3f /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46689,7 +46689,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (password.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None None None None c69d0a9ead39b5990a429c6ed185050ffadfda672b020ac6e7322ef02e72563a /root/password.jsp",
+      "content": "Improper Resource Access Authorization (password.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None None None None c69d0a9ead39b5990a429c6ed185050ffadfda672b020ac6e7322ef02e72563a /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46707,7 +46707,7 @@
   },
   {
     "fields": {
-      "content": "Client Cross Frame Scripting Attack (advanced.jsp) N/A Medium **Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None 51b52607f2a5915cd128ba4e24ce8e22ba019757f074a0ebc27c33d91a55378b /root/advanced.jsp",
+      "content": "Client Cross Frame Scripting Attack (advanced.jsp) N/A Medium **Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None None None None 51b52607f2a5915cd128ba4e24ce8e22ba019757f074a0ebc27c33d91a55378b /root/advanced.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46725,7 +46725,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None d947020e418c747ee99a0accd491030f65895189aefea2a96a390b3e843a9905 /root/password.jsp",
+      "content": "Hardcoded password in Connection String (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None d947020e418c747ee99a0accd491030f65895189aefea2a96a390b3e843a9905 /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46743,7 +46743,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies In Config (web.xml) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65)\n\n N/A N/A None None  S2 None None None None None b29d81fdf7a5477a7badd1a47406a27deb12b90d0b3db17f567344d1ec24e65c /root/WEB-INF/web.xml",
+      "content": "HttpOnlyCookies In Config (web.xml) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65)\n\n N/A N/A None None  S2 None None None None None b29d81fdf7a5477a7badd1a47406a27deb12b90d0b3db17f567344d1ec24e65c /root/WEB-INF/web.xml",
       "content_type": [
         "dojo",
         "test_import"
@@ -46761,7 +46761,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (AdvancedSearch.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 514c8fbd9da03f03f770c9e0ca12d8bb20db50f3a836b4d50f16e0d75b0cca08 /src/com/thebodgeitstore/search/AdvancedSearch.java",
+      "content": "Improper Resource Shutdown or Release (AdvancedSearch.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 514c8fbd9da03f03f770c9e0ca12d8bb20db50f3a836b4d50f16e0d75b0cca08 /src/com/thebodgeitstore/search/AdvancedSearch.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -46779,7 +46779,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (login.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None None None None 0441fee04d6e24c168f5b4b567cc31174f464330f27638f83f80ee87d0d3dc03 /root/login.jsp",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (login.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None None None None 0441fee04d6e24c168f5b4b567cc31174f464330f27638f83f80ee87d0d3dc03 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46797,7 +46797,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None None None None 7be257602d73f6146bbd1c6c4ab4970db0867933a1d2e87675770529b841d800 /root/login.jsp",
+      "content": "CGI Reflected XSS All Clients (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None None None None 7be257602d73f6146bbd1c6c4ab4970db0867933a1d2e87675770529b841d800 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46815,7 +46815,7 @@
   },
   {
     "fields": {
-      "content": "Suspected XSS (password.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** \u003ctd\u003e\u003c%=username%\u003e\u003c/td\u003e\n-----\n N/A N/A None None  S3 None None None None None ff922242dd15286d81f09888a33ad571eca598b615bf4d4b9024af17df42bc17 /root/password.jsp",
+      "content": "Suspected XSS (password.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** <td><%=username%></td>\n-----\n N/A N/A None None  S3 None None None None None ff922242dd15286d81f09888a33ad571eca598b615bf4d4b9024af17df42bc17 /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46833,7 +46833,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (contact.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 964aeee36e5998da77d3229f43830d362838d860d9e30c415fb58e9686a49625 /root/contact.jsp",
+      "content": "Hardcoded password in Connection String (contact.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 964aeee36e5998da77d3229f43830d362838d860d9e30c415fb58e9686a49625 /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46851,7 +46851,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (dbconnection.jspf) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None e57ed13a66f4041fa377af4db5110a50a8f4a67e0c7c2b3e955e4118844a2904 /root/dbconnection.jspf",
+      "content": "Hardcoded password in Connection String (dbconnection.jspf) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None e57ed13a66f4041fa377af4db5110a50a8f4a67e0c7c2b3e955e4118844a2904 /root/dbconnection.jspf",
       "content_type": [
         "dojo",
         "test_import"
@@ -46869,7 +46869,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107)\n\n N/A N/A None None  S3 None None None None None 8fc3621137e4dd32d75801ac6948909b20f671d21ed9dfe89d0e2f49a2554653 /root/register.jsp",
+      "content": "Empty Password In Connection String (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107)\n\n N/A N/A None None  S3 None None None None None 8fc3621137e4dd32d75801ac6948909b20f671d21ed9dfe89d0e2f49a2554653 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46887,7 +46887,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 3988a18fe8f515ab1f92c649f43f20d33e8e8692d00a9dc80f2863342b522698 /root/home.jsp",
+      "content": "Download of Code Without Integrity Check (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 3988a18fe8f515ab1f92c649f43f20d33e8e8692d00a9dc80f2863342b522698 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46905,7 +46905,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None cfc58944e3181521dc3a9ec917dcb54d7a54ebbf3f0e8aaca7fec60a05485c63 /root/home.jsp",
+      "content": "Information Exposure Through an Error Message (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None cfc58944e3181521dc3a9ec917dcb54d7a54ebbf3f0e8aaca7fec60a05485c63 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46923,7 +46923,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (login.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S1 None None None None None 9878411e3b89bc832e58fa15e46d19e2e607309d3df9f152114d5ff62f95f0ce /root/login.jsp",
+      "content": "SQL Injection (login.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S1 None None None None None 9878411e3b89bc832e58fa15e46d19e2e607309d3df9f152114d5ff62f95f0ce /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46941,7 +46941,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (advanced.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S3 None None None None None 35055620006745673ffba1cb3c1e8c09a9fd59f6438e6d45fbbb222a10968120 /root/advanced.jsp",
+      "content": "Empty Password In Connection String (advanced.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S3 None None None None None 35055620006745673ffba1cb3c1e8c09a9fd59f6438e6d45fbbb222a10968120 /root/advanced.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46959,7 +46959,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (score.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S2 None None None None None 60fff62e2e1d2383da91886a96d64905e184a3044037dc2595c3ccf28faacd6c /root/score.jsp",
+      "content": "CGI Stored XSS (score.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S2 None None None None None 60fff62e2e1d2383da91886a96d64905e184a3044037dc2595c3ccf28faacd6c /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46977,7 +46977,7 @@
   },
   {
     "fields": {
-      "content": "Plaintext Storage in a Cookie (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None None None None c81c73f4bd1bb970a016bd7e5f1979af8d05eac71f387b2da9bd4affcaf13f81 /root/basket.jsp",
+      "content": "Plaintext Storage in a Cookie (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None None None None c81c73f4bd1bb970a016bd7e5f1979af8d05eac71f387b2da9bd4affcaf13f81 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -46995,7 +46995,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (contact.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n N/A N/A None None  S3 None None None None None 1e74e0c4e0572c6bb5aaee26176b8a40ce024325bbffea1ddbb120bab9d9542c /root/contact.jsp",
+      "content": "Information Exposure Through an Error Message (contact.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n N/A N/A None None  S3 None None None None None 1e74e0c4e0572c6bb5aaee26176b8a40ce024325bbffea1ddbb120bab9d9542c /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47013,7 +47013,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None 4568d7e34ac50ab291c955c8acb368e5abe73de05bd3080e2efc7b00f329600f /root/basket.jsp",
+      "content": "Hardcoded password in Connection String (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n N/A N/A None None  S2 None None None None None 4568d7e34ac50ab291c955c8acb368e5abe73de05bd3080e2efc7b00f329600f /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47031,7 +47031,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (admin.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S1 None None None None None 1f91fef184e69387463ce9719fe9756145e16e76d39609aa5fa3e0eaa1274d05 /root/admin.jsp",
+      "content": "Stored XSS (admin.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S1 None None None None None 1f91fef184e69387463ce9719fe9756145e16e76d39609aa5fa3e0eaa1274d05 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47049,7 +47049,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (admin.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 75a93a572c186be5fe7f5221a64306b5b35dddf605b5e231ffc74442bd3728a4 /root/admin.jsp",
+      "content": "Download of Code Without Integrity Check (admin.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 75a93a572c186be5fe7f5221a64306b5b35dddf605b5e231ffc74442bd3728a4 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47067,7 +47067,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (init.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None afd07fc450ae8609c93797c8fd893028f7d8a9841999facd0a08236696c05841 /root/init.jsp",
+      "content": "Empty Password In Connection String (init.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None afd07fc450ae8609c93797c8fd893028f7d8a9841999facd0a08236696c05841 /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47085,7 +47085,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (login.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n N/A N/A None None  S2 None None None None None 78439e5edd436844bb6dc527f6effe0836b88b0fb946747b7f957da95b479fc2 /root/login.jsp",
+      "content": "Heap Inspection (login.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n N/A N/A None None  S2 None None None None None 78439e5edd436844bb6dc527f6effe0836b88b0fb946747b7f957da95b479fc2 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47103,7 +47103,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 92b54561d5d262a88920162ba7bf19fc0444975582be837047cab5d79c992447 /root/product.jsp",
+      "content": "Download of Code Without Integrity Check (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 92b54561d5d262a88920162ba7bf19fc0444975582be837047cab5d79c992447 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47121,7 +47121,7 @@
   },
   {
     "fields": {
-      "content": "Session Fixation (AdvancedSearch.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n N/A N/A None None  S2 None None None None None f24533b1fc628061c2037eb55ffe66aed6bfa2436fadaf6e424e4905ed238e21 /src/com/thebodgeitstore/search/AdvancedSearch.java",
+      "content": "Session Fixation (AdvancedSearch.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n N/A N/A None None  S2 None None None None None f24533b1fc628061c2037eb55ffe66aed6bfa2436fadaf6e424e4905ed238e21 /src/com/thebodgeitstore/search/AdvancedSearch.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -47139,7 +47139,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (search.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** \u003c%= output %\u003e\n-----\n N/A N/A None None  S1 None None None None None 38321299050d31a3b8168316e30316d786236785a9c31427fb6f2631d3065a7c /root/search.jsp",
+      "content": "Stored XSS (search.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** <%= output %>\n-----\n N/A N/A None None  S1 None None None None None 38321299050d31a3b8168316e30316d786236785a9c31427fb6f2631d3065a7c /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47157,7 +47157,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (dbconnection.jspf) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None 24cd9b35200f9ca729fcccb8348baccd2ddfeee2f22177fd40e46931f8547659 /root/dbconnection.jspf",
+      "content": "Empty Password In Connection String (dbconnection.jspf) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None 24cd9b35200f9ca729fcccb8348baccd2ddfeee2f22177fd40e46931f8547659 /root/dbconnection.jspf",
       "content_type": [
         "dojo",
         "test_import"
@@ -47175,7 +47175,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (init.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 148a501a59e0d04eb52b5cd58b4d654b4a7883e8ad09dcd5801e775113a1000d /root/init.jsp",
+      "content": "Hardcoded password in Connection String (init.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 148a501a59e0d04eb52b5cd58b4d654b4a7883e8ad09dcd5801e775113a1000d /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47193,7 +47193,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "Reflected XSS All Clients (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "test_import"
@@ -47211,7 +47211,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 06cd6507296edca41e97d652a873c31230bf98fa8bdeab477fedb680ff606932 /root/basket.jsp",
+      "content": "HttpOnlyCookies (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 06cd6507296edca41e97d652a873c31230bf98fa8bdeab477fedb680ff606932 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47229,7 +47229,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305)\n\n N/A N/A None None  S2 None None None None None 62f3875efdcf326015adee1ecd85c4ecdca5bc9c4719e5c9177dff8b0afffa1f /root/register.jsp",
+      "content": "Download of Code Without Integrity Check (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305)\n\n N/A N/A None None  S2 None None None None None 62f3875efdcf326015adee1ecd85c4ecdca5bc9c4719e5c9177dff8b0afffa1f /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47247,7 +47247,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (home.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None None None None 0007a2df1ab7dc00f2144451d894f513c7d872e1153a0759982a8c866001cc02 /root/home.jsp",
+      "content": "Stored XSS (home.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None None None None 0007a2df1ab7dc00f2144451d894f513c7d872e1153a0759982a8c866001cc02 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47265,7 +47265,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None 7dba1c0820d0f6017ca3333f7f9a8865a862604c4b13a1eed04666c6e364fa36 /root/home.jsp",
+      "content": "Empty Password In Connection String (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None 7dba1c0820d0f6017ca3333f7f9a8865a862604c4b13a1eed04666c6e364fa36 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47283,7 +47283,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (register.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None None None None 95568708fa568cc74c7ef8279b87869ebc932305da1878dbb1b7597c75a57bc1 /root/register.jsp",
+      "content": "Reflected XSS All Clients (register.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None None None None 95568708fa568cc74c7ef8279b87869ebc932305da1878dbb1b7597c75a57bc1 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47301,7 +47301,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None b037e71624f50f74cfbd0f0cd561daa1e87b1ac3690b19b1d3fe3c36ef452628 /root/product.jsp",
+      "content": "Improper Resource Access Authorization (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None b037e71624f50f74cfbd0f0cd561daa1e87b1ac3690b19b1d3fe3c36ef452628 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47319,7 +47319,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 945eb840563ed9b29b08ff0838d391e775d2e45f26817ad0b321b41e608564cf /root/password.jsp",
+      "content": "Download of Code Without Integrity Check (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 945eb840563ed9b29b08ff0838d391e775d2e45f26817ad0b321b41e608564cf /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47337,7 +47337,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (score.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307)\n\n N/A N/A None None  S2 None None None None None 6e270eb7494286a67571f0d33112e997365a0de45a119ef8199d270c32d806ab /root/score.jsp",
+      "content": "Download of Code Without Integrity Check (score.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307)\n\n N/A N/A None None  S2 None None None None None 6e270eb7494286a67571f0d33112e997365a0de45a119ef8199d270c32d806ab /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47355,7 +47355,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n N/A N/A None None  S3 None None None None None 76a4b74903cac92c02f0d0c7eca32f417f6ce4a3fb04f16eff17cfc0e8f8df7f /root/basket.jsp",
+      "content": "Improper Resource Access Authorization (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n N/A N/A None None  S3 None None None None None 76a4b74903cac92c02f0d0c7eca32f417f6ce4a3fb04f16eff17cfc0e8f8df7f /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47373,7 +47373,7 @@
   },
   {
     "fields": {
-      "content": "Race Condition Format Flaw (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\" + nf.format(pricetopay) + \"\");\n-----\n N/A N/A None None  S3 None None None None None 3db6ca06969817d45acccd02c0ba65067c1e11e9d4d7c34c7301612e63b2f75a /root/basket.jsp",
+      "content": "Race Condition Format Flaw (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\" + nf.format(pricetopay) + \"\");\n-----\n N/A N/A None None  S3 None None None None None 3db6ca06969817d45acccd02c0ba65067c1e11e9d4d7c34c7301612e63b2f75a /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47391,7 +47391,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n N/A N/A None None  S3 None None None None None 66ad49b768c1dcb417d1047d6a3e134473f45969fdc41c529a37088dec29804e /root/header.jsp",
+      "content": "Empty Password In Connection String (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n N/A N/A None None  S3 None None None None None 66ad49b768c1dcb417d1047d6a3e134473f45969fdc41c529a37088dec29804e /root/header.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47409,7 +47409,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (FunctionalZAP.java) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n N/A N/A None None  S3 None None None None None 174ea52e3d43e0e3089705762ecd259a74bdb4c592473a8c4615c8d37e840725 /src/com/thebodgeitstore/selenium/tests/FunctionalZAP.java",
+      "content": "Improper Resource Access Authorization (FunctionalZAP.java) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n N/A N/A None None  S3 None None None None None 174ea52e3d43e0e3089705762ecd259a74bdb4c592473a8c4615c8d37e840725 /src/com/thebodgeitstore/selenium/tests/FunctionalZAP.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -47427,7 +47427,7 @@
   },
   {
     "fields": {
-      "content": "Suspected XSS (contact.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S3 None None None None None cecce89612fa88ff6270b822a8840911536f983c5ab580f5e7df0ec93a95884a /root/contact.jsp",
+      "content": "Suspected XSS (contact.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S3 None None None None None cecce89612fa88ff6270b822a8840911536f983c5ab580f5e7df0ec93a95884a /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47445,7 +47445,7 @@
   },
   {
     "fields": {
-      "content": "Use of Cryptographically Weak PRNG (init.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None afa0b4d8453f20629d5863f0cb1b8d4e31bf2e8c4476db973a78731ffcf08bd2 /root/init.jsp",
+      "content": "Use of Cryptographically Weak PRNG (init.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None afa0b4d8453f20629d5863f0cb1b8d4e31bf2e8c4476db973a78731ffcf08bd2 /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47463,7 +47463,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None None None None 1aec22aeffa8b6201ad60b0a0d2b166ddbaefca6ab534bbc4d2a827bc02f5c20 /root/product.jsp",
+      "content": "CGI Stored XSS (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None None None None 1aec22aeffa8b6201ad60b0a0d2b166ddbaefca6ab534bbc4d2a827bc02f5c20 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47481,7 +47481,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (init.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None 2a7f9ff0b80ef53370128384650fe897d773383109c7d171159cbfbc232476e2 /root/init.jsp",
+      "content": "Improper Resource Shutdown or Release (init.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None 2a7f9ff0b80ef53370128384650fe897d773383109c7d171159cbfbc232476e2 /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47499,7 +47499,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (header.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n N/A N/A None None  S2 None None None None None bef5f29fc5d5f44cef3dd5db1aaeeb5f2e5d7480a197045e6d176f0ab26b5fa2 /root/header.jsp",
+      "content": "Download of Code Without Integrity Check (header.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n N/A N/A None None  S2 None None None None None bef5f29fc5d5f44cef3dd5db1aaeeb5f2e5d7480a197045e6d176f0ab26b5fa2 /root/header.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47517,7 +47517,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47535,7 +47535,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None None None None 2de5b8ed091eaaf750260b056239152b81363c790977699374b03d93e1d28551 /root/login.jsp",
+      "content": "Blind SQL Injections (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None None None None 2de5b8ed091eaaf750260b056239152b81363c790977699374b03d93e1d28551 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47553,7 +47553,7 @@
   },
   {
     "fields": {
-      "content": "Client DOM Open Redirect (advanced.jsp) N/A Low **Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** New Search\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** New Search\n-----\n N/A N/A None None  S3 None None None None None 3173d904f9ac1a4779a3b5fd52f271e6a7871d6cb5387d2ced15025a4a15db93 /root/advanced.jsp",
+      "content": "Client DOM Open Redirect (advanced.jsp) N/A Low **Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** New Search\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** New Search\n-----\n N/A N/A None None  S3 None None None None None 3173d904f9ac1a4779a3b5fd52f271e6a7871d6cb5387d2ced15025a4a15db93 /root/advanced.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47571,7 +47571,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (search.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None 775723c89fdaed1cc6b85ecc489c028159d261e95e7ad4ad80d03ddd63bc99ea /root/search.jsp",
+      "content": "Hardcoded password in Connection String (search.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S2 None None None None None 775723c89fdaed1cc6b85ecc489c028159d261e95e7ad4ad80d03ddd63bc99ea /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47589,7 +47589,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S2 None None None None None 9e3aa3082f7d93e52f9bfe97630e9fd6f6c04c5791dd22505ab238d1a6bf9242 /root/basket.jsp",
+      "content": "CGI Stored XSS (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S2 None None None None None 9e3aa3082f7d93e52f9bfe97630e9fd6f6c04c5791dd22505ab238d1a6bf9242 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47607,7 +47607,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (init.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 2fe1558daec12a621f0504714bee44be8d382a57c7cdda160ddad8a2e8b8ca48 /root/init.jsp",
+      "content": "Use of Insufficiently Random Values (init.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 2fe1558daec12a621f0504714bee44be8d382a57c7cdda160ddad8a2e8b8ca48 /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47625,7 +47625,7 @@
   },
   {
     "fields": {
-      "content": "Missing X Frame Options (web.xml) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S3 None None None None None 5fb0f064b2f7098c57e1115b391bf7a6eb57feae63c2848b916a5b79dccf66f3 /build/WEB-INF/web.xml",
+      "content": "Missing X Frame Options (web.xml) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S3 None None None None None 5fb0f064b2f7098c57e1115b391bf7a6eb57feae63c2848b916a5b79dccf66f3 /build/WEB-INF/web.xml",
       "content_type": [
         "dojo",
         "test_import"
@@ -47643,7 +47643,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (search.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"alert(\\\"xss\\\")\") \u003e= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** You searched for: \u003c%= query %\u003e\n-----\n N/A N/A None None  S1 None None None None None 86efaa45244686266a1c4f1aef52d60ce791dd4cb64feebe5b214db5838b8e06 /root/search.jsp",
+      "content": "Reflected XSS All Clients (search.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"alert(\\\"xss\\\")\") >= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** You searched for: <%= query %>\n-----\n N/A N/A None None  S1 None None None None None 86efaa45244686266a1c4f1aef52d60ce791dd4cb64feebe5b214db5838b8e06 /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47661,7 +47661,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (basket.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None None None None 7d988ddc1b32f65ada9bd17516943b28e33458ea570ce92843bdb49e7a7e22fb /root/basket.jsp",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (basket.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None None None None 7d988ddc1b32f65ada9bd17516943b28e33458ea570ce92843bdb49e7a7e22fb /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47679,7 +47679,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 1c24c0fc04774515bc6dc38386250282055e0585ae71b405586b552ca04b31c9 /root/score.jsp",
+      "content": "Information Exposure Through an Error Message (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 1c24c0fc04774515bc6dc38386250282055e0585ae71b405586b552ca04b31c9 /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47697,7 +47697,7 @@
   },
   {
     "fields": {
-      "content": "Use of Hard coded Cryptographic Key (AdvancedSearch.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n N/A N/A None None  S2 None None None None None d68d7152bc4b3f069aa236ff41cab28da77d7e668b77cb4de10ae8bf7a2e85be /src/com/thebodgeitstore/search/AdvancedSearch.java",
+      "content": "Use of Hard coded Cryptographic Key (AdvancedSearch.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n N/A N/A None None  S2 None None None None None d68d7152bc4b3f069aa236ff41cab28da77d7e668b77cb4de10ae8bf7a2e85be /src/com/thebodgeitstore/search/AdvancedSearch.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -47715,7 +47715,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (register.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None None None None 84c57ed3e3723016b9425c8549bd0faab967538a59e072c2dc5c85974a72bf41 /root/register.jsp",
+      "content": "Reliance on Cookies in a Decision (register.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None None None None 84c57ed3e3723016b9425c8549bd0faab967538a59e072c2dc5c85974a72bf41 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47733,7 +47733,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n N/A N/A None None  S1 None None None None None 2dc7787335253be93ebb64d3ad632116363f3a5821c070db4cc28c18a0eee09e /root/contact.jsp",
+      "content": "Stored XSS (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n N/A N/A None None  S1 None None None None None 2dc7787335253be93ebb64d3ad632116363f3a5821c070db4cc28c18a0eee09e /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47751,7 +47751,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (admin.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S2 None None None None None 45fe7a9d8b946b2cbc6aaf8b5e36608cc629e5f388f91433664d3c2f19a29991 /root/admin.jsp",
+      "content": "CGI Stored XSS (admin.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S2 None None None None None 45fe7a9d8b946b2cbc6aaf8b5e36608cc629e5f388f91433664d3c2f19a29991 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47769,7 +47769,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (register.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None None None None 6e5f6914b0e963152cff1f6b9fe1c39a2f177979e6885bdbac5bd88f1d40d8cd /root/register.jsp",
+      "content": "Heap Inspection (register.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None None None None 6e5f6914b0e963152cff1f6b9fe1c39a2f177979e6885bdbac5bd88f1d40d8cd /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47787,7 +47787,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (search.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 763571cd8b09d88baae5cc8bc9d755e2401e204c335894933401186d14be3992 /root/search.jsp",
+      "content": "Improper Resource Shutdown or Release (search.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 763571cd8b09d88baae5cc8bc9d755e2401e204c335894933401186d14be3992 /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47805,7 +47805,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") \u003e= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 508298807b8bd2787b58a49d31bd3f056293c7656e8936eb2e478b3636fa5e19 /root/register.jsp",
+      "content": "Information Exposure Through an Error Message (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") >= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 508298807b8bd2787b58a49d31bd3f056293c7656e8936eb2e478b3636fa5e19 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47823,7 +47823,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (init.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None 1544a01109756bdb265135b3dbc4efca3a22c8d19fa9b50407c94760f04d5610 /root/init.jsp",
+      "content": "Improper Resource Access Authorization (init.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None 1544a01109756bdb265135b3dbc4efca3a22c8d19fa9b50407c94760f04d5610 /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47841,7 +47841,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (header.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n N/A N/A None None  S2 None None None None None d6251c8822044d55511b364098e264ca2113391d999c6aefe5c1cca3743e2f2d /root/header.jsp",
+      "content": "CGI Stored XSS (header.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n N/A N/A None None  S2 None None None None None d6251c8822044d55511b364098e264ca2113391d999c6aefe5c1cca3743e2f2d /root/header.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47859,7 +47859,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None None None None f8234be5bed59174a5f1f4efef0acb152b788f55c1804e2abbc185fe69ceea31 /root/basket.jsp",
+      "content": "Blind SQL Injections (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None None None None f8234be5bed59174a5f1f4efef0acb152b788f55c1804e2abbc185fe69ceea31 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47877,7 +47877,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies In Config (web.xml) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S2 None None None None None 7d3502f71ea947677c3ae5e39ae8da99c7024c3820a1c546bbdfe3ea4a0fdfc0 /build/WEB-INF/web.xml",
+      "content": "HttpOnlyCookies In Config (web.xml) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S2 None None None None None 7d3502f71ea947677c3ae5e39ae8da99c7024c3820a1c546bbdfe3ea4a0fdfc0 /build/WEB-INF/web.xml",
       "content_type": [
         "dojo",
         "test_import"
@@ -47895,7 +47895,7 @@
   },
   {
     "fields": {
-      "content": "Use of Hard coded Cryptographic Key (AES.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n N/A N/A None None  S2 None None None None None 779b4fe3dd494b8c323ddb7cb879f60051ac263904a16ac65af5a210cf797c0b /src/com/thebodgeitstore/util/AES.java",
+      "content": "Use of Hard coded Cryptographic Key (AES.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n N/A N/A None None  S2 None None None None None 779b4fe3dd494b8c323ddb7cb879f60051ac263904a16ac65af5a210cf797c0b /src/com/thebodgeitstore/util/AES.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -47913,7 +47913,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (score.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 326fbad527801598a49946804f53bff975023eeb4c7c992932611d45d0b46201 /root/score.jsp",
+      "content": "Improper Resource Shutdown or Release (score.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 326fbad527801598a49946804f53bff975023eeb4c7c992932611d45d0b46201 /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47931,7 +47931,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S2 None None None None None d818b17afca02a70991162f0cf5fbb16d2fef322b72c5c77b4c32bd209b3dc02 /root/basket.jsp",
+      "content": "CGI Reflected XSS All Clients (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S2 None None None None None d818b17afca02a70991162f0cf5fbb16d2fef322b72c5c77b4c32bd209b3dc02 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47949,7 +47949,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (score.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S1 None None None None None 926d5bb4d3abbed178afd6c5ffb752e6774908ad90893262c187e71e3197f31d /root/score.jsp",
+      "content": "Stored XSS (score.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S1 None None None None None 926d5bb4d3abbed178afd6c5ffb752e6774908ad90893262c187e71e3197f31d /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47967,7 +47967,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None cfa4c706348e59de8b65228daccc21474abf67877a50dec0efa031e947d2e3bd /root/basket.jsp",
+      "content": "Information Exposure Through an Error Message (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None cfa4c706348e59de8b65228daccc21474abf67877a50dec0efa031e947d2e3bd /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -47985,7 +47985,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n N/A N/A None None  S3 None None None None None b493926fdab24fe92c9c28363e72429e66631bd5056f574ddefb983212933d10 /root/search.jsp",
+      "content": "Improper Resource Access Authorization (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n N/A N/A None None  S3 None None None None None b493926fdab24fe92c9c28363e72429e66631bd5056f574ddefb983212933d10 /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48003,7 +48003,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 40f3e776293c5c19ac7b521181adfef56ed09288fa417f519d1cc6071cba8a17 /root/home.jsp",
+      "content": "Improper Resource Access Authorization (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 40f3e776293c5c19ac7b521181adfef56ed09288fa417f519d1cc6071cba8a17 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48021,7 +48021,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (admin.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 8332e5bd42770868b5db865ca9017c31fcea5a91cff250c4341dc73ed5fdb6e6 /root/admin.jsp",
+      "content": "Improper Resource Shutdown or Release (admin.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 8332e5bd42770868b5db865ca9017c31fcea5a91cff250c4341dc73ed5fdb6e6 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48039,7 +48039,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 641ba17f6201ed5f40524a90c0e0fc03d8a4731528be567b639362cef3f20ef2 /root/search.jsp",
+      "content": "Information Exposure Through an Error Message (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 641ba17f6201ed5f40524a90c0e0fc03d8a4731528be567b639362cef3f20ef2 /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48057,7 +48057,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None None None None c3fb1583f06a0ce7bee2084607680b357d63dd8f9cc56d5d09f0601a3c62a336 /root/register.jsp",
+      "content": "Blind SQL Injections (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None None None None c3fb1583f06a0ce7bee2084607680b357d63dd8f9cc56d5d09f0601a3c62a336 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48075,7 +48075,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (login.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None None None None 11b43c1ce56100d6a92b74b27d6e6901f3822b44c4b6e8437a7622f71c3a58a9 /root/login.jsp",
+      "content": "Reliance on Cookies in a Decision (login.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None None None None 11b43c1ce56100d6a92b74b27d6e6901f3822b44c4b6e8437a7622f71c3a58a9 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48093,7 +48093,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (search.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None 7a001d11b5d7d20f5215658fc735a31e530696faddeae3eacf81662d4870e89a /root/search.jsp",
+      "content": "Download of Code Without Integrity Check (search.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S2 None None None None None 7a001d11b5d7d20f5215658fc735a31e530696faddeae3eacf81662d4870e89a /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48111,7 +48111,7 @@
   },
   {
     "fields": {
-      "content": "Unsynchronized Access To Shared Data (AdvancedSearch.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n N/A N/A None None  S3 None None None None None dc13f474e6f512cb31374bfa4658ce7a866d6b832d40742e784ef14f6513ab87 /src/com/thebodgeitstore/search/AdvancedSearch.java",
+      "content": "Unsynchronized Access To Shared Data (AdvancedSearch.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n N/A N/A None None  S3 None None None None None dc13f474e6f512cb31374bfa4658ce7a866d6b832d40742e784ef14f6513ab87 /src/com/thebodgeitstore/search/AdvancedSearch.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -48129,7 +48129,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S3 None None None None None 63f306f6577c64ad2d38ddd3985cc649b11dd360f7a962e98cb63686c89b2b95 /root/search.jsp",
+      "content": "Empty Password In Connection String (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S3 None None None None None 63f306f6577c64ad2d38ddd3985cc649b11dd360f7a962e98cb63686c89b2b95 /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48147,7 +48147,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48165,7 +48165,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 5b24a32f74c75879a1adc65bf89b03bb64f81565dbd6a2240149f2ce1bd27d40 /root/score.jsp",
+      "content": "Improper Resource Access Authorization (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 5b24a32f74c75879a1adc65bf89b03bb64f81565dbd6a2240149f2ce1bd27d40 /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48183,7 +48183,7 @@
   },
   {
     "fields": {
-      "content": "Session Fixation (logout.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n N/A N/A None None  S2 None None None None None 08569015fcc466a18ab405324d0dfe6af4b141110e47b73226ea117ecd44ff10 /root/logout.jsp",
+      "content": "Session Fixation (logout.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n N/A N/A None None  S2 None None None None None 08569015fcc466a18ab405324d0dfe6af4b141110e47b73226ea117ecd44ff10 /root/logout.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48201,7 +48201,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802)\n\n N/A N/A None None  S2 None None None None None fd480c121d5e26af3fb8c7ec89137aab25d86e44ff154f5aae742384cf80a2dd /root/login.jsp",
+      "content": "Hardcoded password in Connection String (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802)\n\n N/A N/A None None  S2 None None None None None fd480c121d5e26af3fb8c7ec89137aab25d86e44ff154f5aae742384cf80a2dd /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48219,7 +48219,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (advanced.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None b755a0cc07b69b72eb284df102459af7c502318c53c769999ec925d0da354d44 /root/advanced.jsp",
+      "content": "Hardcoded password in Connection String (advanced.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None None None None b755a0cc07b69b72eb284df102459af7c502318c53c769999ec925d0da354d44 /root/advanced.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48237,7 +48237,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None None None None 70d68584520c7bc1b47ca45fc75b42460659a52957a10fe2a99858c32b329ae1 /root/login.jsp",
+      "content": "Improper Resource Access Authorization (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None None None None 70d68584520c7bc1b47ca45fc75b42460659a52957a10fe2a99858c32b329ae1 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48255,7 +48255,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 920ba1bf2ab979534eda06dd720ba0baa9cff2b1c14fd1ad56e89a5d656ed2f9 /root/header.jsp",
+      "content": "Improper Resource Access Authorization (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 920ba1bf2ab979534eda06dd720ba0baa9cff2b1c14fd1ad56e89a5d656ed2f9 /root/header.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48273,7 +48273,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109)\n\n N/A N/A None None  S3 None None None None None 6bea74fa6a2e15eb4e272fd8033b63984cb1cfefd52189c7031b58d7bd325f44 /root/score.jsp",
+      "content": "Empty Password In Connection String (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109)\n\n N/A N/A None None  S3 None None None None None 6bea74fa6a2e15eb4e272fd8033b63984cb1cfefd52189c7031b58d7bd325f44 /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48291,7 +48291,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (password.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n N/A N/A None None  S3 None None None None None 97e071423b295531965759c3641effa4a92e8e67f5ae40a3248a0a296aada52d /root/password.jsp",
+      "content": "Improper Resource Shutdown or Release (password.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n N/A N/A None None  S3 None None None None None 97e071423b295531965759c3641effa4a92e8e67f5ae40a3248a0a296aada52d /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48309,7 +48309,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (product.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 810541dc4d59d52088c1c29bfbb5ed70b10bfa657980a3099b26ff8799955f28 /root/product.jsp",
+      "content": "Improper Resource Shutdown or Release (product.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 810541dc4d59d52088c1c29bfbb5ed70b10bfa657980a3099b26ff8799955f28 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48327,7 +48327,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100)\n\n N/A N/A None None  S3 None None None None None eba9a993ff2b55ebdda24cb3c0fbc777bd7bcf038a01463f56b2f472f5a95296 /root/login.jsp",
+      "content": "Empty Password In Connection String (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100)\n\n N/A N/A None None  S3 None None None None None eba9a993ff2b55ebdda24cb3c0fbc777bd7bcf038a01463f56b2f472f5a95296 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48345,7 +48345,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None af0420cc3c001e6a1c65aceb86644080bcdb3f08b6be7cfc96a3bb3e20685afb /root/login.jsp",
+      "content": "Information Exposure Through an Error Message (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None af0420cc3c001e6a1c65aceb86644080bcdb3f08b6be7cfc96a3bb3e20685afb /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48363,7 +48363,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (contact.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None None None None 78ceea05b00023deec3b210877d332bf03d07b237e8339f508a18c62b1146f88 /root/contact.jsp",
+      "content": "Use of Insufficiently Random Values (contact.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None None None None 78ceea05b00023deec3b210877d332bf03d07b237e8339f508a18c62b1146f88 /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48381,7 +48381,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S1 None None None None None 9384efff38eaa33266a2f5888dea18392a0e8b658b770fcfed268f06d3a1052d /root/contact.jsp",
+      "content": "Stored XSS (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S1 None None None None None 9384efff38eaa33266a2f5888dea18392a0e8b658b770fcfed268f06d3a1052d /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48399,7 +48399,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 93595b491f79115f85df3ef403cfc4ecd34e22dedf95aa24fbc18f56039d26f3 /root/login.jsp",
+      "content": "HttpOnlyCookies (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 93595b491f79115f85df3ef403cfc4ecd34e22dedf95aa24fbc18f56039d26f3 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48417,7 +48417,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (register.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None None None None ebfe755d6f8f91724d9d8a0672c12dce0200f818bce80b7fcaab30987b124a99 /root/register.jsp",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (register.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None None None None ebfe755d6f8f91724d9d8a0672c12dce0200f818bce80b7fcaab30987b124a99 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48435,7 +48435,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 584b05859f76b43b2736a28ac1c8ac88497704d0f31868218fcda9077396a215 /root/header.jsp",
+      "content": "Information Exposure Through an Error Message (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 584b05859f76b43b2736a28ac1c8ac88497704d0f31868218fcda9077396a215 /root/header.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48453,7 +48453,7 @@
   },
   {
     "fields": {
-      "content": "Race Condition Format Flaw (product.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\" + nf.format(price) + \"\");\n-----\n N/A N/A None None  S3 None None None None None b1306a4177b37bad4dbe763419df19ec56d7442262be5dfeff6d346b3b900ad1 /root/product.jsp",
+      "content": "Race Condition Format Flaw (product.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\" + nf.format(price) + \"\");\n-----\n N/A N/A None None  S3 None None None None None b1306a4177b37bad4dbe763419df19ec56d7442262be5dfeff6d346b3b900ad1 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48471,7 +48471,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (product.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n N/A N/A None None  S1 None None None None None 59304c367c39a7f0983c4ef2f90a13207866a37422ff5cc03db07d0efe46aed2 /root/product.jsp",
+      "content": "Stored XSS (product.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n N/A N/A None None  S1 None None None None None 59304c367c39a7f0983c4ef2f90a13207866a37422ff5cc03db07d0efe46aed2 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48489,7 +48489,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48507,7 +48507,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (init.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 28820e0352bb80a1d3c1085204cfeb522ddd29ee680ae46350260bf63359646f /root/init.jsp",
+      "content": "Heap Inspection (init.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 28820e0352bb80a1d3c1085204cfeb522ddd29ee680ae46350260bf63359646f /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48525,7 +48525,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (contact.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "CGI Reflected XSS All Clients (contact.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "test_import"
@@ -48543,7 +48543,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (contact.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None ce6c5523b17b77be323a526e757f04235f6d8a3023ac5208b12b7c34de4fcbb6 /root/contact.jsp",
+      "content": "Empty Password In Connection String (contact.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None ce6c5523b17b77be323a526e757f04235f6d8a3023ac5208b12b7c34de4fcbb6 /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48561,7 +48561,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n N/A N/A None None  S3 None None None None None 85b4b54f401f88fb286b6442b56fecb5922a025504207d94f5835e4b9e4c3d49 /root/product.jsp",
+      "content": "Information Exposure Through an Error Message (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n N/A N/A None None  S3 None None None None None 85b4b54f401f88fb286b6442b56fecb5922a025504207d94f5835e4b9e4c3d49 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48579,7 +48579,7 @@
   },
   {
     "fields": {
-      "content": "XSRF (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S2 None None None None None 371010ba334ccc433d73bf0c9cdaec557d5f7ec338c6f925d8a71763a228d473 /root/password.jsp",
+      "content": "XSRF (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S2 None None None None None 371010ba334ccc433d73bf0c9cdaec557d5f7ec338c6f925d8a71763a228d473 /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48597,7 +48597,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (advanced.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None ea8b569d6c5fe9dba625c6540acd9880534f7a19a5bf4b84fb838ad65d08d26f /root/advanced.jsp",
+      "content": "Download of Code Without Integrity Check (advanced.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None None None None ea8b569d6c5fe9dba625c6540acd9880534f7a19a5bf4b84fb838ad65d08d26f /root/advanced.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48615,7 +48615,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None None None None d0e517ef410747c79f882b9fc73a04a92ef6b4792017378ae5c4a39e21a921c5 /root/register.jsp",
+      "content": "Improper Resource Access Authorization (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None None None None d0e517ef410747c79f882b9fc73a04a92ef6b4792017378ae5c4a39e21a921c5 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48633,7 +48633,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=288](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=288)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=289](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=289)\n\n**Line Number:** 1\n**Column:** 680\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None f6025b614c1d26ee95556ebcb50473f42a57f04d7653abfd132e98baff1b433e /root/basket.jsp",
+      "content": "Download of Code Without Integrity Check (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=288](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=288)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=289](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=289)\n\n**Line Number:** 1\n**Column:** 680\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n N/A N/A None None  S2 None None None None None f6025b614c1d26ee95556ebcb50473f42a57f04d7653abfd132e98baff1b433e /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48651,7 +48651,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (admin.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=121](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=121)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=122](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=122)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=123](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=123)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=124](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=124)\n\n**Line Number:** 12\n**Column:** 383\n**Source Object:** execute\n**Number:** 12\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_ADMIN'\");\n-----\n N/A N/A None None  S3 None None None None None 5852c73c2309bcf533c51c4b6c8221b0519229d4010090067bd6ea629971c099 /root/admin.jsp",
+      "content": "Improper Resource Access Authorization (admin.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=121](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=121)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=122](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=122)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=123](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=123)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=124](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=124)\n\n**Line Number:** 12\n**Column:** 383\n**Source Object:** execute\n**Number:** 12\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_ADMIN'\");\n-----\n N/A N/A None None  S3 None None None None None 5852c73c2309bcf533c51c4b6c8221b0519229d4010090067bd6ea629971c099 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48669,7 +48669,7 @@
   },
   {
     "fields": {
-      "content": "Use of Cryptographically Weak PRNG (contact.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=14](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=14)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None None None None 39052e0796f538556f2cc6c00b63fbed65ab036a874c9ed0672e6825d68602a2 /root/contact.jsp",
+      "content": "Use of Cryptographically Weak PRNG (contact.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=14](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=14)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None None None None 39052e0796f538556f2cc6c00b63fbed65ab036a874c9ed0672e6825d68602a2 /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48687,7 +48687,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (contact.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=463](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=463)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=464](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=464)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=465](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=465)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=466](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=466)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=467](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=467)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=468](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=468)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=469](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=469)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=470](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=470)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=471](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=471)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=472](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=472)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=473](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=473)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=474](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=474)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=475](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=475)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=476](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=476)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=477](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=477)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=478](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=478)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=479](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=479)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=480](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=480)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=481](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=481)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=482](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=482)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=483](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=483)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=484](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=484)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=485](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=485)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=486](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=486)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=487](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=487)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=488](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=488)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=489](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=489)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=490](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=490)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=491](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=491)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=492](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=492)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=493](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=493)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=494](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=494)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=495](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=495)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=496](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=496)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=497](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=497)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=498](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=498)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=499](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=499)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=500](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=500)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=501](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=501)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=502](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=502)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=503](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=503)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=504](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=504)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=505](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=505)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=506](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=506)\n\n**Line Number:** 24\n**Column:** 377\n**Source Object:** conn\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 398\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 370\n**Source Object:** stmt\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 27\n**Column:** 353\n**Source Object:** stmt\n**Number:** 27\n**Code:** stmt.setString(1, username);\n-----\n**Line Number:** 28\n**Column:** 353\n**Source Object:** stmt\n**Number:** 28\n**Code:** stmt.setString(2, comments);\n-----\n**Line Number:** 29\n**Column:** 365\n**Source Object:** execute\n**Number:** 29\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None None None None 82b6e67fea88a46706b742dee6eb877a58f0ef800b00de81d044714ae2d83f6b /root/contact.jsp",
+      "content": "Improper Resource Shutdown or Release (contact.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=463](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=463)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=464](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=464)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=465](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=465)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=466](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=466)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=467](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=467)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=468](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=468)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=469](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=469)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=470](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=470)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=471](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=471)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=472](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=472)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=473](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=473)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=474](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=474)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=475](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=475)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=476](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=476)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=477](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=477)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=478](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=478)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=479](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=479)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=480](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=480)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=481](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=481)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=482](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=482)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=483](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=483)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=484](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=484)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=485](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=485)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=486](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=486)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=487](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=487)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=488](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=488)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=489](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=489)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=490](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=490)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=491](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=491)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=492](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=492)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=493](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=493)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=494](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=494)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=495](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=495)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=496](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=496)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=497](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=497)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=498](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=498)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=499](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=499)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=500](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=500)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=501](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=501)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=502](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=502)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=503](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=503)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=504](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=504)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=505](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=505)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=506](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=506)\n\n**Line Number:** 24\n**Column:** 377\n**Source Object:** conn\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 398\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 370\n**Source Object:** stmt\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 27\n**Column:** 353\n**Source Object:** stmt\n**Number:** 27\n**Code:** stmt.setString(1, username);\n-----\n**Line Number:** 28\n**Column:** 353\n**Source Object:** stmt\n**Number:** 28\n**Code:** stmt.setString(2, comments);\n-----\n**Line Number:** 29\n**Column:** 365\n**Source Object:** execute\n**Number:** 29\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None None None None 82b6e67fea88a46706b742dee6eb877a58f0ef800b00de81d044714ae2d83f6b /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48705,7 +48705,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (login.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=333](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=333)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None None None None 52d4696d8c8726e0689f91c534c78682a24d80d83406ac7c6d7c4f2952d7c25e /root/login.jsp",
+      "content": "Reflected XSS All Clients (login.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=333](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=333)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None None None None 52d4696d8c8726e0689f91c534c78682a24d80d83406ac7c6d7c4f2952d7c25e /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48723,7 +48723,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (home.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=23](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=23)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None None None None 67622d1c580dd13b751a2f6684e3b1e764c0b2059520e9b6683c5b8a6560262a /root/home.jsp",
+      "content": "Use of Insufficiently Random Values (home.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=23](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=23)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None None None None 67622d1c580dd13b751a2f6684e3b1e764c0b2059520e9b6683c5b8a6560262a /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48741,7 +48741,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (basket.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=339](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=339)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S1 None None None None None a580f877f77e73dc81f13869c40402119ff4a964e2cc48fe4dcca3fb0a5e19a9 /root/basket.jsp",
+      "content": "SQL Injection (basket.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=339](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=339)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S1 None None None None None a580f877f77e73dc81f13869c40402119ff4a964e2cc48fe4dcca3fb0a5e19a9 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -48777,7 +48777,7 @@
   },
   {
     "fields": {
-      "content": "Race Condition Format Flaw (product.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\" + nf.format(price) + \"\");\n-----\n N/A N/A None None  S3 None None b1306a4177b37bad4dbe763419df19ec56d7442262be5dfeff6d346b3b900ad1 /root/product.jsp None None None None None None None 262 N/A None BodgeIt ",
+      "content": "Race Condition Format Flaw (product.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\" + nf.format(price) + \"\");\n-----\n N/A N/A None None  S3 None None b1306a4177b37bad4dbe763419df19ec56d7442262be5dfeff6d346b3b900ad1 /root/product.jsp None None None None None None None 262 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "test_import"
@@ -48795,7 +48795,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (product.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None 59304c367c39a7f0983c4ef2f90a13207866a37422ff5cc03db07d0efe46aed2 /root/product.jsp None None None None None None None 263 N/A None BodgeIt ",
+      "content": "Stored XSS (product.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None 59304c367c39a7f0983c4ef2f90a13207866a37422ff5cc03db07d0efe46aed2 /root/product.jsp None None None None None None None 263 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "test_import"
@@ -48921,7 +48921,7 @@
   },
   {
     "fields": {
-      "content": "Apple Accounting Software Accounting software is typically composed of various modules, different sections dealing with particular areas of accounting. Among the most common are:\r\n\r\n**Core modules**\r\n\r\n* Accounts receivable—where the company enters money received\r\n* Accounts payable—where the company enters its bills and pays money it owes\r\n* General ledger—the company's \"books\"\r\n* Billing—where the company produces invoices to clients/customers 0 0 0 high web production purchased",
+      "content": "Apple Accounting Software Accounting software is typically composed of various modules, different sections dealing with particular areas of accounting. Among the most common are:\r\n\r\n**Core modules**\r\n\r\n* Accounts receivable\u2014where the company enters money received\r\n* Accounts payable\u2014where the company enters its bills and pays money it owes\r\n* General ledger\u2014the company's \"books\"\r\n* Billing\u2014where the company produces invoices to clients/customers 0 0 0 high web production purchased",
       "content_type": [
         "dojo",
         "tagulous_product_tags"
@@ -49029,7 +49029,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (login.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=333](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=333)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None 52d4696d8c8726e0689f91c534c78682a24d80d83406ac7c6d7c4f2952d7c25e /root/login.jsp None None None None None None None 276 N/A None BodgeIt ",
+      "content": "Reflected XSS All Clients (login.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=333](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=333)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None 52d4696d8c8726e0689f91c534c78682a24d80d83406ac7c6d7c4f2952d7c25e /root/login.jsp None None None None None None None 276 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "test_import"
@@ -49047,7 +49047,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (home.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=23](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=23)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None 67622d1c580dd13b751a2f6684e3b1e764c0b2059520e9b6683c5b8a6560262a /root/home.jsp None None None None None None None 277 N/A None BodgeIt ",
+      "content": "Use of Insufficiently Random Values (home.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=23](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=23)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None 67622d1c580dd13b751a2f6684e3b1e764c0b2059520e9b6683c5b8a6560262a /root/home.jsp None None None None None None None 277 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "test_import"
@@ -49839,7 +49839,7 @@
   },
   {
     "fields": {
-      "content": "Cross-site scripting (reflected) None High URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto alert(1)nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 alert(1)jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n \n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including \u003c \u003e \" ' and =, should be replaced with the corresponding HTML entities (\u0026lt; \u0026gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request that, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.\n\nThe attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.\n\nUsers can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site that causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).\n\nThe security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality that it contains, and the other applications that belong to the same domain and organization. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain that can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organization that owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application and exploiting users' trust in the organization in order to capture credentials for other applications that it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk. \n None None \n\n  * [Using Burp to Find XSS issues](https://support.portswigger.net/customer/portal/articles/1965737-Methodology_XSS.html)\n\n\n S1 None None None None None d0353a775431e2fcf6ba2245bba4a11a68a0961e4f6baba21095c56e4c52287c None",
+      "content": "Cross-site scripting (reflected) None High URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto alert(1)nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 alert(1)jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n \n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > \" ' and =, should be replaced with the corresponding HTML entities (&lt; &gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request that, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.\n\nThe attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.\n\nUsers can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site that causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).\n\nThe security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality that it contains, and the other applications that belong to the same domain and organization. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain that can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organization that owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application and exploiting users' trust in the organization in order to capture credentials for other applications that it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk. \n None None \n\n  * [Using Burp to Find XSS issues](https://support.portswigger.net/customer/portal/articles/1965737-Methodology_XSS.html)\n\n\n S1 None None None None None d0353a775431e2fcf6ba2245bba4a11a68a0961e4f6baba21095c56e4c52287c None",
       "content_type": [
         "dojo",
         "test_import"
@@ -50361,7 +50361,7 @@
   },
   {
     "fields": {
-      "content": "Errors unhandled.-G104 N/A Low Filename: /vagrant/go/src/govwa/setting/setting.go\nLine number: 66\nIssue Confidence: HIGH\n\nCode:\n_ = db.QueryRow(sql).Scan(\u0026version)\n coming soon  None None  S3 None None None None None 6a2543c093ae3492085ed185e29728240264e6b42d20e2594afa0e3bde0df7ed /vagrant/go/src/govwa/setting/setting.go",
+      "content": "Errors unhandled.-G104 N/A Low Filename: /vagrant/go/src/govwa/setting/setting.go\nLine number: 66\nIssue Confidence: HIGH\n\nCode:\n_ = db.QueryRow(sql).Scan(&version)\n coming soon  None None  S3 None None None None None 6a2543c093ae3492085ed185e29728240264e6b42d20e2594afa0e3bde0df7ed /vagrant/go/src/govwa/setting/setting.go",
       "content_type": [
         "dojo",
         "test_import"
@@ -50775,7 +50775,7 @@
   },
   {
     "fields": {
-      "content": "Cross-site scripting (reflected) None High URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto alert(1)nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 alert(1)jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n \n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including \u003c \u003e \" ' and =, should be replaced with the corresponding HTML entities (\u0026lt; \u0026gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request that, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.\n\nThe attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.\n\nUsers can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site that causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).\n\nThe security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality that it contains, and the other applications that belong to the same domain and organization. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain that can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organization that owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application and exploiting users' trust in the organization in order to capture credentials for other applications that it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk. \n None None \n\n  * [Using Burp to Find XSS issues](https://support.portswigger.net/customer/portal/articles/1965737-Methodology_XSS.html)\n\n\n S1 None None None None None d0353a775431e2fcf6ba2245bba4a11a68a0961e4f6baba21095c56e4c52287c None",
+      "content": "Cross-site scripting (reflected) None High URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto alert(1)nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 alert(1)jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n \n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > \" ' and =, should be replaced with the corresponding HTML entities (&lt; &gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request that, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.\n\nThe attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.\n\nUsers can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site that causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).\n\nThe security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality that it contains, and the other applications that belong to the same domain and organization. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain that can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organization that owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application and exploiting users' trust in the organization in order to capture credentials for other applications that it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk. \n None None \n\n  * [Using Burp to Find XSS issues](https://support.portswigger.net/customer/portal/articles/1965737-Methodology_XSS.html)\n\n\n S1 None None None None None d0353a775431e2fcf6ba2245bba4a11a68a0961e4f6baba21095c56e4c52287c None",
       "content_type": [
         "dojo",
         "test_import"
@@ -51027,7 +51027,7 @@
   },
   {
     "fields": {
-      "content": "Cross-Site Scripting (Reflected) None None None High URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto alert(1)nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 alert(1)jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n \n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including \u003c \u003e \" ' and =, should be replaced with the corresponding HTML entities (\u0026lt; \u0026gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request that, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.\n\nThe attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.\n\nUsers can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site that causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).\n\nThe security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality that it contains, and the other applications that belong to the same domain and organization. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain that can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organization that owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application and exploiting users' trust in the organization in order to capture credentials for other applications that it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk. \n None None \n\n  * [Using Burp to Find XSS issues](https://support.portswigger.net/customer/portal/articles/1965737-Methodology_XSS.html)\n\n\n S1 None None d0353a775431e2fcf6ba2245bba4a11a68a0961e4f6baba21095c56e4c52287c None None None None None None None None None None None 302 None None BodgeIt ",
+      "content": "Cross-Site Scripting (Reflected) None None None High URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto alert(1)nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 alert(1)jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n \n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > \" ' and =, should be replaced with the corresponding HTML entities (&lt; &gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request that, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.\n\nThe attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.\n\nUsers can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site that causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).\n\nThe security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality that it contains, and the other applications that belong to the same domain and organization. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain that can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organization that owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application and exploiting users' trust in the organization in order to capture credentials for other applications that it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk. \n None None \n\n  * [Using Burp to Find XSS issues](https://support.portswigger.net/customer/portal/articles/1965737-Methodology_XSS.html)\n\n\n S1 None None d0353a775431e2fcf6ba2245bba4a11a68a0961e4f6baba21095c56e4c52287c None None None None None None None None None None None 302 None None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51045,7 +51045,7 @@
   },
   {
     "fields": {
-      "content": "Cross-Site Scripting (Reflected) None None None High URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto alert(1)nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 alert(1)jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n \n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including \u003c \u003e \" ' and =, should be replaced with the corresponding HTML entities (\u0026lt; \u0026gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request that, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.\n\nThe attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.\n\nUsers can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site that causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).\n\nThe security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality that it contains, and the other applications that belong to the same domain and organization. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain that can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organization that owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application and exploiting users' trust in the organization in order to capture credentials for other applications that it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk. \n None None \n\n  * [Using Burp to Find XSS issues](https://support.portswigger.net/customer/portal/articles/1965737-Methodology_XSS.html)\n\n\n S1 None None d0353a775431e2fcf6ba2245bba4a11a68a0961e4f6baba21095c56e4c52287c None None None None None None None None None None None 340 None None BodgeIt ",
+      "content": "Cross-Site Scripting (Reflected) None None None High URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto alert(1)nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 alert(1)jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n \n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > \" ' and =, should be replaced with the corresponding HTML entities (&lt; &gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request that, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.\n\nThe attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.\n\nUsers can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site that causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).\n\nThe security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality that it contains, and the other applications that belong to the same domain and organization. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain that can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organization that owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application and exploiting users' trust in the organization in order to capture credentials for other applications that it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk. \n None None \n\n  * [Using Burp to Find XSS issues](https://support.portswigger.net/customer/portal/articles/1965737-Methodology_XSS.html)\n\n\n S1 None None d0353a775431e2fcf6ba2245bba4a11a68a0961e4f6baba21095c56e4c52287c None None None None None None None None None None None 340 None None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51135,7 +51135,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (basket.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S1 None None 3406086ac5988ee8b55f70c618daf86c21702bb3c4c00e4607e5c21c2e3d3828 /root/basket.jsp None None None None None None None None None None 145 N/A None BodgeIt ",
+      "content": "Reflected XSS All Clients (basket.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S1 None None 3406086ac5988ee8b55f70c618daf86c21702bb3c4c00e4607e5c21c2e3d3828 /root/basket.jsp None None None None None None None None None None 145 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51153,7 +51153,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (basket.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S1 None None 3406086ac5988ee8b55f70c618daf86c21702bb3c4c00e4607e5c21c2e3d3828 /root/basket.jsp None None None None None None None None None None 13 N/A None BodgeIt ",
+      "content": "Reflected XSS All Clients (basket.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S1 None None 3406086ac5988ee8b55f70c618daf86c21702bb3c4c00e4607e5c21c2e3d3828 /root/basket.jsp None None None None None None None None None None 13 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51189,7 +51189,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "Reflected XSS All Clients (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "finding"
@@ -51207,7 +51207,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "Reflected XSS All Clients (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "finding"
@@ -51225,7 +51225,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (login.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=333](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=333)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None 52d4696d8c8726e0689f91c534c78682a24d80d83406ac7c6d7c4f2952d7c25e /root/login.jsp None None None None None None None None None None 276 N/A None BodgeIt ",
+      "content": "Reflected XSS All Clients (login.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=333](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=333)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None 52d4696d8c8726e0689f91c534c78682a24d80d83406ac7c6d7c4f2952d7c25e /root/login.jsp None None None None None None None None None None 276 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51243,7 +51243,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (register.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None 95568708fa568cc74c7ef8279b87869ebc932305da1878dbb1b7597c75a57bc1 /root/register.jsp None None None None None None None None None None 65 N/A None BodgeIt ",
+      "content": "Reflected XSS All Clients (register.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None 95568708fa568cc74c7ef8279b87869ebc932305da1878dbb1b7597c75a57bc1 /root/register.jsp None None None None None None None None None None 65 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51261,7 +51261,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (register.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None 95568708fa568cc74c7ef8279b87869ebc932305da1878dbb1b7597c75a57bc1 /root/register.jsp None None None None None None None None None None 197 N/A None BodgeIt ",
+      "content": "Reflected XSS All Clients (register.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None 95568708fa568cc74c7ef8279b87869ebc932305da1878dbb1b7597c75a57bc1 /root/register.jsp None None None None None None None None None None 197 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51279,7 +51279,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (search.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"alert(\\\"xss\\\")\") \u003e= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** You searched for: \u003c%= query %\u003e\n-----\n N/A N/A None None  S1 None None 86efaa45244686266a1c4f1aef52d60ce791dd4cb64feebe5b214db5838b8e06 /root/search.jsp None None None None None None None None None None 217 N/A None BodgeIt ",
+      "content": "Reflected XSS All Clients (search.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"alert(\\\"xss\\\")\") >= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** You searched for: <%= query %>\n-----\n N/A N/A None None  S1 None None 86efaa45244686266a1c4f1aef52d60ce791dd4cb64feebe5b214db5838b8e06 /root/search.jsp None None None None None None None None None None 217 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51297,7 +51297,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (search.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"alert(\\\"xss\\\")\") \u003e= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** You searched for: \u003c%= query %\u003e\n-----\n N/A N/A None None  S1 None None 86efaa45244686266a1c4f1aef52d60ce791dd4cb64feebe5b214db5838b8e06 /root/search.jsp None None None None None None None None None None 85 N/A None BodgeIt ",
+      "content": "Reflected XSS All Clients (search.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"alert(\\\"xss\\\")\") >= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** You searched for: <%= query %>\n-----\n N/A N/A None None  S1 None None 86efaa45244686266a1c4f1aef52d60ce791dd4cb64feebe5b214db5838b8e06 /root/search.jsp None None None None None None None None None None 85 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51315,7 +51315,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (basket.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=339](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=339)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S1 None None a580f877f77e73dc81f13869c40402119ff4a964e2cc48fe4dcca3fb0a5e19a9 /root/basket.jsp None None None None None None None None None None 278 N/A None BodgeIt ",
+      "content": "SQL Injection (basket.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=339](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=339)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S1 None None a580f877f77e73dc81f13869c40402119ff4a964e2cc48fe4dcca3fb0a5e19a9 /root/basket.jsp None None None None None None None None None None 278 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51333,7 +51333,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (login.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S1 None None 9878411e3b89bc832e58fa15e46d19e2e607309d3df9f152114d5ff62f95f0ce /root/login.jsp None None None None None None None None None None 45 N/A None BodgeIt ",
+      "content": "SQL Injection (login.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S1 None None 9878411e3b89bc832e58fa15e46d19e2e607309d3df9f152114d5ff62f95f0ce /root/login.jsp None None None None None None None None None None 45 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51351,7 +51351,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (login.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S1 None None 9878411e3b89bc832e58fa15e46d19e2e607309d3df9f152114d5ff62f95f0ce /root/login.jsp None None None None None None None None None None 177 N/A None BodgeIt ",
+      "content": "SQL Injection (login.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S1 None None 9878411e3b89bc832e58fa15e46d19e2e607309d3df9f152114d5ff62f95f0ce /root/login.jsp None None None None None None None None None None 177 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51369,7 +51369,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (password.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S1 None None 684ee38b55ea509e6c2be4a58ec52ba5d7e0c1952e09f8c8ca2bf0675650bd8f /root/password.jsp None None None None None None None None None None 18 N/A None BodgeIt ",
+      "content": "SQL Injection (password.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S1 None None 684ee38b55ea509e6c2be4a58ec52ba5d7e0c1952e09f8c8ca2bf0675650bd8f /root/password.jsp None None None None None None None None None None 18 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51387,7 +51387,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (password.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S1 None None 684ee38b55ea509e6c2be4a58ec52ba5d7e0c1952e09f8c8ca2bf0675650bd8f /root/password.jsp None None None None None None None None None None 150 N/A None BodgeIt ",
+      "content": "SQL Injection (password.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S1 None None 684ee38b55ea509e6c2be4a58ec52ba5d7e0c1952e09f8c8ca2bf0675650bd8f /root/password.jsp None None None None None None None None None None 150 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51405,7 +51405,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (register.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S1 None None c49c87192b6b4f17151a471fd9d1bf3b302bca08781d67806c6556fe720af1b0 /root/register.jsp None None None None None None None None None None 8 N/A None BodgeIt ",
+      "content": "SQL Injection (register.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S1 None None c49c87192b6b4f17151a471fd9d1bf3b302bca08781d67806c6556fe720af1b0 /root/register.jsp None None None None None None None None None None 8 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51423,7 +51423,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (register.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S1 None None c49c87192b6b4f17151a471fd9d1bf3b302bca08781d67806c6556fe720af1b0 /root/register.jsp None None None None None None None None None None 140 N/A None BodgeIt ",
+      "content": "SQL Injection (register.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S1 None None c49c87192b6b4f17151a471fd9d1bf3b302bca08781d67806c6556fe720af1b0 /root/register.jsp None None None None None None None None None None 140 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51441,7 +51441,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (admin.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S1 None None 1f91fef184e69387463ce9719fe9756145e16e76d39609aa5fa3e0eaa1274d05 /root/admin.jsp None None None None None None None None None None 51 N/A None BodgeIt ",
+      "content": "Stored XSS (admin.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S1 None None 1f91fef184e69387463ce9719fe9756145e16e76d39609aa5fa3e0eaa1274d05 /root/admin.jsp None None None None None None None None None None 51 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51459,7 +51459,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (admin.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S1 None None 1f91fef184e69387463ce9719fe9756145e16e76d39609aa5fa3e0eaa1274d05 /root/admin.jsp None None None None None None None None None None 183 N/A None BodgeIt ",
+      "content": "Stored XSS (admin.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S1 None None 1f91fef184e69387463ce9719fe9756145e16e76d39609aa5fa3e0eaa1274d05 /root/admin.jsp None None None None None None None None None None 183 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51477,7 +51477,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (basket.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S1 None None 99fb15b31049df2445ac3fd8729cbccbc6a19e4e410c3eb0ef95908c00b78fd7 /root/basket.jsp None None None None None None None None None None 151 N/A None BodgeIt ",
+      "content": "Stored XSS (basket.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S1 None None 99fb15b31049df2445ac3fd8729cbccbc6a19e4e410c3eb0ef95908c00b78fd7 /root/basket.jsp None None None None None None None None None None 151 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51495,7 +51495,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (basket.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S1 None None 99fb15b31049df2445ac3fd8729cbccbc6a19e4e410c3eb0ef95908c00b78fd7 /root/basket.jsp None None None None None None None None None None 19 N/A None BodgeIt ",
+      "content": "Stored XSS (basket.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S1 None None 99fb15b31049df2445ac3fd8729cbccbc6a19e4e410c3eb0ef95908c00b78fd7 /root/basket.jsp None None None None None None None None None None 19 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51513,7 +51513,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S1 None None 9384efff38eaa33266a2f5888dea18392a0e8b658b770fcfed268f06d3a1052d /root/contact.jsp None None None None None None None None None None 258 N/A None BodgeIt ",
+      "content": "Stored XSS (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S1 None None 9384efff38eaa33266a2f5888dea18392a0e8b658b770fcfed268f06d3a1052d /root/contact.jsp None None None None None None None None None None 258 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51531,7 +51531,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S1 None None 9384efff38eaa33266a2f5888dea18392a0e8b658b770fcfed268f06d3a1052d /root/contact.jsp None None None None None None None None None None 126 N/A None BodgeIt ",
+      "content": "Stored XSS (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S1 None None 9384efff38eaa33266a2f5888dea18392a0e8b658b770fcfed268f06d3a1052d /root/contact.jsp None None None None None None None None None None 126 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51549,7 +51549,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n N/A N/A None None  S1 None None 2dc7787335253be93ebb64d3ad632116363f3a5821c070db4cc28c18a0eee09e /root/contact.jsp None None None None None None None None None None 90 N/A None BodgeIt ",
+      "content": "Stored XSS (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n N/A N/A None None  S1 None None 2dc7787335253be93ebb64d3ad632116363f3a5821c070db4cc28c18a0eee09e /root/contact.jsp None None None None None None None None None None 90 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51567,7 +51567,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n N/A N/A None None  S1 None None 2dc7787335253be93ebb64d3ad632116363f3a5821c070db4cc28c18a0eee09e /root/contact.jsp None None None None None None None None None None 222 N/A None BodgeIt ",
+      "content": "Stored XSS (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n N/A N/A None None  S1 None None 2dc7787335253be93ebb64d3ad632116363f3a5821c070db4cc28c18a0eee09e /root/contact.jsp None None None None None None None None None None 222 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51585,7 +51585,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (home.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None 0007a2df1ab7dc00f2144451d894f513c7d872e1153a0759982a8c866001cc02 /root/home.jsp None None None None None None None None None None 63 N/A None BodgeIt ",
+      "content": "Stored XSS (home.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None 0007a2df1ab7dc00f2144451d894f513c7d872e1153a0759982a8c866001cc02 /root/home.jsp None None None None None None None None None None 63 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51603,7 +51603,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (home.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None 0007a2df1ab7dc00f2144451d894f513c7d872e1153a0759982a8c866001cc02 /root/home.jsp None None None None None None None None None None 195 N/A None BodgeIt ",
+      "content": "Stored XSS (home.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None 0007a2df1ab7dc00f2144451d894f513c7d872e1153a0759982a8c866001cc02 /root/home.jsp None None None None None None None None None None 195 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51621,7 +51621,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (product.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None 59304c367c39a7f0983c4ef2f90a13207866a37422ff5cc03db07d0efe46aed2 /root/product.jsp None None None None None None None None None None 263 N/A None BodgeIt ",
+      "content": "Stored XSS (product.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None 59304c367c39a7f0983c4ef2f90a13207866a37422ff5cc03db07d0efe46aed2 /root/product.jsp None None None None None None None None None None 263 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51639,7 +51639,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (product.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None 59304c367c39a7f0983c4ef2f90a13207866a37422ff5cc03db07d0efe46aed2 /root/product.jsp None None None None None None None None None None 131 N/A None BodgeIt ",
+      "content": "Stored XSS (product.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None 59304c367c39a7f0983c4ef2f90a13207866a37422ff5cc03db07d0efe46aed2 /root/product.jsp None None None None None None None None None None 131 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51657,7 +51657,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (score.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S1 None None 926d5bb4d3abbed178afd6c5ffb752e6774908ad90893262c187e71e3197f31d /root/score.jsp None None None None None None None None None None 234 N/A None BodgeIt ",
+      "content": "Stored XSS (score.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S1 None None 926d5bb4d3abbed178afd6c5ffb752e6774908ad90893262c187e71e3197f31d /root/score.jsp None None None None None None None None None None 234 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51675,7 +51675,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (score.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S1 None None 926d5bb4d3abbed178afd6c5ffb752e6774908ad90893262c187e71e3197f31d /root/score.jsp None None None None None None None None None None 102 N/A None BodgeIt ",
+      "content": "Stored XSS (score.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S1 None None 926d5bb4d3abbed178afd6c5ffb752e6774908ad90893262c187e71e3197f31d /root/score.jsp None None None None None None None None None None 102 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51693,7 +51693,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (search.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** \u003c%= output %\u003e\n-----\n N/A N/A None None  S1 None None 38321299050d31a3b8168316e30316d786236785a9c31427fb6f2631d3065a7c /root/search.jsp None None None None None None None None None None 189 N/A None BodgeIt ",
+      "content": "Stored XSS (search.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** <%= output %>\n-----\n N/A N/A None None  S1 None None 38321299050d31a3b8168316e30316d786236785a9c31427fb6f2631d3065a7c /root/search.jsp None None None None None None None None None None 189 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -51711,7 +51711,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (search.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** \u003c%= output %\u003e\n-----\n N/A N/A None None  S1 None None 38321299050d31a3b8168316e30316d786236785a9c31427fb6f2631d3065a7c /root/search.jsp None None None None None None None None None None 57 N/A None BodgeIt ",
+      "content": "Stored XSS (search.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** <%= output %>\n-----\n N/A N/A None None  S1 None None 38321299050d31a3b8168316e30316d786236785a9c31427fb6f2631d3065a7c /root/search.jsp None None None None None None None None None None 57 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52053,7 +52053,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S2 None None d818b17afca02a70991162f0cf5fbb16d2fef322b72c5c77b4c32bd209b3dc02 /root/basket.jsp None None None None None None None None None None 101 N/A None BodgeIt ",
+      "content": "CGI Reflected XSS All Clients (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S2 None None d818b17afca02a70991162f0cf5fbb16d2fef322b72c5c77b4c32bd209b3dc02 /root/basket.jsp None None None None None None None None None None 101 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52071,7 +52071,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S2 None None d818b17afca02a70991162f0cf5fbb16d2fef322b72c5c77b4c32bd209b3dc02 /root/basket.jsp None None None None None None None None None None 233 N/A None BodgeIt ",
+      "content": "CGI Reflected XSS All Clients (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S2 None None d818b17afca02a70991162f0cf5fbb16d2fef322b72c5c77b4c32bd209b3dc02 /root/basket.jsp None None None None None None None None None None 233 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52089,7 +52089,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (contact.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "CGI Reflected XSS All Clients (contact.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "finding"
@@ -52107,7 +52107,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (contact.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "CGI Reflected XSS All Clients (contact.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "finding"
@@ -52125,7 +52125,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None 7be257602d73f6146bbd1c6c4ab4970db0867933a1d2e87675770529b841d800 /root/login.jsp None None None None None None None None None None 170 N/A None BodgeIt ",
+      "content": "CGI Reflected XSS All Clients (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None 7be257602d73f6146bbd1c6c4ab4970db0867933a1d2e87675770529b841d800 /root/login.jsp None None None None None None None None None None 170 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52143,7 +52143,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None 7be257602d73f6146bbd1c6c4ab4970db0867933a1d2e87675770529b841d800 /root/login.jsp None None None None None None None None None None 38 N/A None BodgeIt ",
+      "content": "CGI Reflected XSS All Clients (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None 7be257602d73f6146bbd1c6c4ab4970db0867933a1d2e87675770529b841d800 /root/login.jsp None None None None None None None None None None 38 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52161,7 +52161,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None a91b30b026cda759c2608e1c8216cdd13e265c030b8c47f4690cd2182e4ad166 /root/register.jsp None None None None None None None None None None 15 N/A None BodgeIt ",
+      "content": "CGI Reflected XSS All Clients (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None a91b30b026cda759c2608e1c8216cdd13e265c030b8c47f4690cd2182e4ad166 /root/register.jsp None None None None None None None None None None 15 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52179,7 +52179,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None a91b30b026cda759c2608e1c8216cdd13e265c030b8c47f4690cd2182e4ad166 /root/register.jsp None None None None None None None None None None 147 N/A None BodgeIt ",
+      "content": "CGI Reflected XSS All Clients (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None a91b30b026cda759c2608e1c8216cdd13e265c030b8c47f4690cd2182e4ad166 /root/register.jsp None None None None None None None None None None 147 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52197,7 +52197,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (admin.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S2 None None 45fe7a9d8b946b2cbc6aaf8b5e36608cc629e5f388f91433664d3c2f19a29991 /root/admin.jsp None None None None None None None None None None 223 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (admin.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S2 None None 45fe7a9d8b946b2cbc6aaf8b5e36608cc629e5f388f91433664d3c2f19a29991 /root/admin.jsp None None None None None None None None None None 223 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52215,7 +52215,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (admin.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S2 None None 45fe7a9d8b946b2cbc6aaf8b5e36608cc629e5f388f91433664d3c2f19a29991 /root/admin.jsp None None None None None None None None None None 91 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (admin.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S2 None None 45fe7a9d8b946b2cbc6aaf8b5e36608cc629e5f388f91433664d3c2f19a29991 /root/admin.jsp None None None None None None None None None None 91 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52233,7 +52233,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S2 None None 9e3aa3082f7d93e52f9bfe97630e9fd6f6c04c5791dd22505ab238d1a6bf9242 /root/basket.jsp None None None None None None None None None None 82 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S2 None None 9e3aa3082f7d93e52f9bfe97630e9fd6f6c04c5791dd22505ab238d1a6bf9242 /root/basket.jsp None None None None None None None None None None 82 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52251,7 +52251,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S2 None None 9e3aa3082f7d93e52f9bfe97630e9fd6f6c04c5791dd22505ab238d1a6bf9242 /root/basket.jsp None None None None None None None None None None 214 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S2 None None 9e3aa3082f7d93e52f9bfe97630e9fd6f6c04c5791dd22505ab238d1a6bf9242 /root/basket.jsp None None None None None None None None None None 214 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52269,7 +52269,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (header.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n N/A N/A None None  S2 None None d6251c8822044d55511b364098e264ca2113391d999c6aefe5c1cca3743e2f2d /root/header.jsp None None None None None None None None None None 96 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (header.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n N/A N/A None None  S2 None None d6251c8822044d55511b364098e264ca2113391d999c6aefe5c1cca3743e2f2d /root/header.jsp None None None None None None None None None None 96 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52287,7 +52287,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (header.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n N/A N/A None None  S2 None None d6251c8822044d55511b364098e264ca2113391d999c6aefe5c1cca3743e2f2d /root/header.jsp None None None None None None None None None None 228 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (header.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n N/A N/A None None  S2 None None d6251c8822044d55511b364098e264ca2113391d999c6aefe5c1cca3743e2f2d /root/header.jsp None None None None None None None None None None 228 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52305,7 +52305,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None 541eb71776b2d297f9aa790c52297b4f7d26acb0bce7de33bda136fdefe43cb7 /root/home.jsp None None None None None None None None None None 152 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None 541eb71776b2d297f9aa790c52297b4f7d26acb0bce7de33bda136fdefe43cb7 /root/home.jsp None None None None None None None None None None 152 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52323,7 +52323,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None 541eb71776b2d297f9aa790c52297b4f7d26acb0bce7de33bda136fdefe43cb7 /root/home.jsp None None None None None None None None None None 20 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None 541eb71776b2d297f9aa790c52297b4f7d26acb0bce7de33bda136fdefe43cb7 /root/home.jsp None None None None None None None None None None 20 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52341,7 +52341,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None 1aec22aeffa8b6201ad60b0a0d2b166ddbaefca6ab534bbc4d2a827bc02f5c20 /root/product.jsp None None None None None None None None None None 207 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None 1aec22aeffa8b6201ad60b0a0d2b166ddbaefca6ab534bbc4d2a827bc02f5c20 /root/product.jsp None None None None None None None None None None 207 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52359,7 +52359,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None 1aec22aeffa8b6201ad60b0a0d2b166ddbaefca6ab534bbc4d2a827bc02f5c20 /root/product.jsp None None None None None None None None None None 75 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None 1aec22aeffa8b6201ad60b0a0d2b166ddbaefca6ab534bbc4d2a827bc02f5c20 /root/product.jsp None None None None None None None None None None 75 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52377,7 +52377,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (score.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S2 None None 60fff62e2e1d2383da91886a96d64905e184a3044037dc2595c3ccf28faacd6c /root/score.jsp None None None None None None None None None None 179 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (score.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S2 None None 60fff62e2e1d2383da91886a96d64905e184a3044037dc2595c3ccf28faacd6c /root/score.jsp None None None None None None None None None None 179 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52395,7 +52395,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (score.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S2 None None 60fff62e2e1d2383da91886a96d64905e184a3044037dc2595c3ccf28faacd6c /root/score.jsp None None None None None None None None None None 47 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (score.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S2 None None 60fff62e2e1d2383da91886a96d64905e184a3044037dc2595c3ccf28faacd6c /root/score.jsp None None None None None None None None None None 47 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52413,7 +52413,7 @@
   },
   {
     "fields": {
-      "content": "Client Cross Frame Scripting Attack (advanced.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None 51b52607f2a5915cd128ba4e24ce8e22ba019757f074a0ebc27c33d91a55378b /root/advanced.jsp None None None None None None None None None None 165 N/A None BodgeIt ",
+      "content": "Client Cross Frame Scripting Attack (advanced.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None 51b52607f2a5915cd128ba4e24ce8e22ba019757f074a0ebc27c33d91a55378b /root/advanced.jsp None None None None None None None None None None 165 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52431,7 +52431,7 @@
   },
   {
     "fields": {
-      "content": "Client Cross Frame Scripting Attack (advanced.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None 51b52607f2a5915cd128ba4e24ce8e22ba019757f074a0ebc27c33d91a55378b /root/advanced.jsp None None None None None None None None None None 33 N/A None BodgeIt ",
+      "content": "Client Cross Frame Scripting Attack (advanced.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None 51b52607f2a5915cd128ba4e24ce8e22ba019757f074a0ebc27c33d91a55378b /root/advanced.jsp None None None None None None None None None None 33 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52449,7 +52449,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (admin.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 75a93a572c186be5fe7f5221a64306b5b35dddf605b5e231ffc74442bd3728a4 /root/admin.jsp None None None None None None None None None None 52 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (admin.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 75a93a572c186be5fe7f5221a64306b5b35dddf605b5e231ffc74442bd3728a4 /root/admin.jsp None None None None None None None None None None 52 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52467,7 +52467,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (admin.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 75a93a572c186be5fe7f5221a64306b5b35dddf605b5e231ffc74442bd3728a4 /root/admin.jsp None None None None None None None None None None 184 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (admin.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 75a93a572c186be5fe7f5221a64306b5b35dddf605b5e231ffc74442bd3728a4 /root/admin.jsp None None None None None None None None None None 184 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52485,7 +52485,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (advanced.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None ea8b569d6c5fe9dba625c6540acd9880534f7a19a5bf4b84fb838ad65d08d26f /root/advanced.jsp None None None None None None None None None None 138 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (advanced.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None ea8b569d6c5fe9dba625c6540acd9880534f7a19a5bf4b84fb838ad65d08d26f /root/advanced.jsp None None None None None None None None None None 138 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52503,7 +52503,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (advanced.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None ea8b569d6c5fe9dba625c6540acd9880534f7a19a5bf4b84fb838ad65d08d26f /root/advanced.jsp None None None None None None None None None None 270 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (advanced.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None ea8b569d6c5fe9dba625c6540acd9880534f7a19a5bf4b84fb838ad65d08d26f /root/advanced.jsp None None None None None None None None None None 270 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52521,7 +52521,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=288](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=288)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=289](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=289)\n\n**Line Number:** 1\n**Column:** 680\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n N/A N/A None None  S2 None None f6025b614c1d26ee95556ebcb50473f42a57f04d7653abfd132e98baff1b433e /root/basket.jsp None None None None None None None None None None 272 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=288](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=288)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=289](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=289)\n\n**Line Number:** 1\n**Column:** 680\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n N/A N/A None None  S2 None None f6025b614c1d26ee95556ebcb50473f42a57f04d7653abfd132e98baff1b433e /root/basket.jsp None None None None None None None None None None 272 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52539,7 +52539,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (header.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n N/A N/A None None  S2 None None bef5f29fc5d5f44cef3dd5db1aaeeb5f2e5d7480a197045e6d176f0ab26b5fa2 /root/header.jsp None None None None None None None None None None 77 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (header.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n N/A N/A None None  S2 None None bef5f29fc5d5f44cef3dd5db1aaeeb5f2e5d7480a197045e6d176f0ab26b5fa2 /root/header.jsp None None None None None None None None None None 77 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52557,7 +52557,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (header.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n N/A N/A None None  S2 None None bef5f29fc5d5f44cef3dd5db1aaeeb5f2e5d7480a197045e6d176f0ab26b5fa2 /root/header.jsp None None None None None None None None None None 209 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (header.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n N/A N/A None None  S2 None None bef5f29fc5d5f44cef3dd5db1aaeeb5f2e5d7480a197045e6d176f0ab26b5fa2 /root/header.jsp None None None None None None None None None None 209 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52575,7 +52575,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 3988a18fe8f515ab1f92c649f43f20d33e8e8692d00a9dc80f2863342b522698 /root/home.jsp None None None None None None None None None None 175 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 3988a18fe8f515ab1f92c649f43f20d33e8e8692d00a9dc80f2863342b522698 /root/home.jsp None None None None None None None None None None 175 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52593,7 +52593,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 3988a18fe8f515ab1f92c649f43f20d33e8e8692d00a9dc80f2863342b522698 /root/home.jsp None None None None None None None None None None 43 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 3988a18fe8f515ab1f92c649f43f20d33e8e8692d00a9dc80f2863342b522698 /root/home.jsp None None None None None None None None None None 43 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52611,7 +52611,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298)\n\n N/A N/A None None  S2 None None a9c3269038ed8a49c4e7576b359f61a65a3bd82c163089bc20743e5a14aa0ab5 /root/login.jsp None None None None None None None None None None 141 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298)\n\n N/A N/A None None  S2 None None a9c3269038ed8a49c4e7576b359f61a65a3bd82c163089bc20743e5a14aa0ab5 /root/login.jsp None None None None None None None None None None 141 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52629,7 +52629,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298)\n\n N/A N/A None None  S2 None None a9c3269038ed8a49c4e7576b359f61a65a3bd82c163089bc20743e5a14aa0ab5 /root/login.jsp None None None None None None None None None None 9 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298)\n\n N/A N/A None None  S2 None None a9c3269038ed8a49c4e7576b359f61a65a3bd82c163089bc20743e5a14aa0ab5 /root/login.jsp None None None None None None None None None None 9 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52647,7 +52647,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 945eb840563ed9b29b08ff0838d391e775d2e45f26817ad0b321b41e608564cf /root/password.jsp None None None None None None None None None None 199 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 945eb840563ed9b29b08ff0838d391e775d2e45f26817ad0b321b41e608564cf /root/password.jsp None None None None None None None None None None 199 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52665,7 +52665,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 945eb840563ed9b29b08ff0838d391e775d2e45f26817ad0b321b41e608564cf /root/password.jsp None None None None None None None None None None 67 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 945eb840563ed9b29b08ff0838d391e775d2e45f26817ad0b321b41e608564cf /root/password.jsp None None None None None None None None None None 67 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52683,7 +52683,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 92b54561d5d262a88920162ba7bf19fc0444975582be837047cab5d79c992447 /root/product.jsp None None None None None None None None None None 187 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 92b54561d5d262a88920162ba7bf19fc0444975582be837047cab5d79c992447 /root/product.jsp None None None None None None None None None None 187 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52701,7 +52701,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 92b54561d5d262a88920162ba7bf19fc0444975582be837047cab5d79c992447 /root/product.jsp None None None None None None None None None None 55 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 92b54561d5d262a88920162ba7bf19fc0444975582be837047cab5d79c992447 /root/product.jsp None None None None None None None None None None 55 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52719,7 +52719,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305)\n\n N/A N/A None None  S2 None None 62f3875efdcf326015adee1ecd85c4ecdca5bc9c4719e5c9177dff8b0afffa1f /root/register.jsp None None None None None None None None None None 62 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305)\n\n N/A N/A None None  S2 None None 62f3875efdcf326015adee1ecd85c4ecdca5bc9c4719e5c9177dff8b0afffa1f /root/register.jsp None None None None None None None None None None 62 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52737,7 +52737,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305)\n\n N/A N/A None None  S2 None None 62f3875efdcf326015adee1ecd85c4ecdca5bc9c4719e5c9177dff8b0afffa1f /root/register.jsp None None None None None None None None None None 194 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305)\n\n N/A N/A None None  S2 None None 62f3875efdcf326015adee1ecd85c4ecdca5bc9c4719e5c9177dff8b0afffa1f /root/register.jsp None None None None None None None None None None 194 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52755,7 +52755,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (score.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307)\n\n N/A N/A None None  S2 None None 6e270eb7494286a67571f0d33112e997365a0de45a119ef8199d270c32d806ab /root/score.jsp None None None None None None None None None None 200 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (score.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307)\n\n N/A N/A None None  S2 None None 6e270eb7494286a67571f0d33112e997365a0de45a119ef8199d270c32d806ab /root/score.jsp None None None None None None None None None None 200 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52773,7 +52773,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (score.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307)\n\n N/A N/A None None  S2 None None 6e270eb7494286a67571f0d33112e997365a0de45a119ef8199d270c32d806ab /root/score.jsp None None None None None None None None None None 68 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (score.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307)\n\n N/A N/A None None  S2 None None 6e270eb7494286a67571f0d33112e997365a0de45a119ef8199d270c32d806ab /root/score.jsp None None None None None None None None None None 68 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52791,7 +52791,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (search.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S2 None None 7a001d11b5d7d20f5215658fc735a31e530696faddeae3eacf81662d4870e89a /root/search.jsp None None None None None None None None None None 110 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (search.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S2 None None 7a001d11b5d7d20f5215658fc735a31e530696faddeae3eacf81662d4870e89a /root/search.jsp None None None None None None None None None None 110 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52809,7 +52809,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (search.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S2 None None 7a001d11b5d7d20f5215658fc735a31e530696faddeae3eacf81662d4870e89a /root/search.jsp None None None None None None None None None None 242 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (search.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S2 None None 7a001d11b5d7d20f5215658fc735a31e530696faddeae3eacf81662d4870e89a /root/search.jsp None None None None None None None None None None 242 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52827,7 +52827,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (advanced.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None b755a0cc07b69b72eb284df102459af7c502318c53c769999ec925d0da354d44 /root/advanced.jsp None None None None None None None None None None 117 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (advanced.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None b755a0cc07b69b72eb284df102459af7c502318c53c769999ec925d0da354d44 /root/advanced.jsp None None None None None None None None None None 117 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52845,7 +52845,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (advanced.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None b755a0cc07b69b72eb284df102459af7c502318c53c769999ec925d0da354d44 /root/advanced.jsp None None None None None None None None None None 249 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (advanced.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None b755a0cc07b69b72eb284df102459af7c502318c53c769999ec925d0da354d44 /root/advanced.jsp None None None None None None None None None None 249 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52863,7 +52863,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n N/A N/A None None  S2 None None 4568d7e34ac50ab291c955c8acb368e5abe73de05bd3080e2efc7b00f329600f /root/basket.jsp None None None None None None None None None None 50 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n N/A N/A None None  S2 None None 4568d7e34ac50ab291c955c8acb368e5abe73de05bd3080e2efc7b00f329600f /root/basket.jsp None None None None None None None None None None 50 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52881,7 +52881,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n N/A N/A None None  S2 None None 4568d7e34ac50ab291c955c8acb368e5abe73de05bd3080e2efc7b00f329600f /root/basket.jsp None None None None None None None None None None 182 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n N/A N/A None None  S2 None None 4568d7e34ac50ab291c955c8acb368e5abe73de05bd3080e2efc7b00f329600f /root/basket.jsp None None None None None None None None None None 182 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52899,7 +52899,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (contact.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 964aeee36e5998da77d3229f43830d362838d860d9e30c415fb58e9686a49625 /root/contact.jsp None None None None None None None None None None 40 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (contact.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 964aeee36e5998da77d3229f43830d362838d860d9e30c415fb58e9686a49625 /root/contact.jsp None None None None None None None None None None 40 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52917,7 +52917,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (contact.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 964aeee36e5998da77d3229f43830d362838d860d9e30c415fb58e9686a49625 /root/contact.jsp None None None None None None None None None None 172 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (contact.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 964aeee36e5998da77d3229f43830d362838d860d9e30c415fb58e9686a49625 /root/contact.jsp None None None None None None None None None None 172 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52935,7 +52935,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (dbconnection.jspf) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None e57ed13a66f4041fa377af4db5110a50a8f4a67e0c7c2b3e955e4118844a2904 /root/dbconnection.jspf None None None None None None None None None None 173 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (dbconnection.jspf) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None e57ed13a66f4041fa377af4db5110a50a8f4a67e0c7c2b3e955e4118844a2904 /root/dbconnection.jspf None None None None None None None None None None 173 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52953,7 +52953,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (dbconnection.jspf) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None e57ed13a66f4041fa377af4db5110a50a8f4a67e0c7c2b3e955e4118844a2904 /root/dbconnection.jspf None None None None None None None None None None 41 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (dbconnection.jspf) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None e57ed13a66f4041fa377af4db5110a50a8f4a67e0c7c2b3e955e4118844a2904 /root/dbconnection.jspf None None None None None None None None None None 41 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52971,7 +52971,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 13ceb3acfb49f194493bfb0af44f5f886a9767aa1c6990c8a397af756d97209c /root/home.jsp None None None None None None None None None None 24 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 13ceb3acfb49f194493bfb0af44f5f886a9767aa1c6990c8a397af756d97209c /root/home.jsp None None None None None None None None None None 24 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -52989,7 +52989,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 13ceb3acfb49f194493bfb0af44f5f886a9767aa1c6990c8a397af756d97209c /root/home.jsp None None None None None None None None None None 156 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 13ceb3acfb49f194493bfb0af44f5f886a9767aa1c6990c8a397af756d97209c /root/home.jsp None None None None None None None None None None 156 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53007,7 +53007,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (init.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 148a501a59e0d04eb52b5cd58b4d654b4a7883e8ad09dcd5801e775113a1000d /root/init.jsp None None None None None None None None None None 59 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (init.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 148a501a59e0d04eb52b5cd58b4d654b4a7883e8ad09dcd5801e775113a1000d /root/init.jsp None None None None None None None None None None 59 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53025,7 +53025,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (init.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 148a501a59e0d04eb52b5cd58b4d654b4a7883e8ad09dcd5801e775113a1000d /root/init.jsp None None None None None None None None None None 191 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (init.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 148a501a59e0d04eb52b5cd58b4d654b4a7883e8ad09dcd5801e775113a1000d /root/init.jsp None None None None None None None None None None 191 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53043,7 +53043,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802)\n\n N/A N/A None None  S2 None None fd480c121d5e26af3fb8c7ec89137aab25d86e44ff154f5aae742384cf80a2dd /root/login.jsp None None None None None None None None None None 248 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802)\n\n N/A N/A None None  S2 None None fd480c121d5e26af3fb8c7ec89137aab25d86e44ff154f5aae742384cf80a2dd /root/login.jsp None None None None None None None None None None 248 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53061,7 +53061,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802)\n\n N/A N/A None None  S2 None None fd480c121d5e26af3fb8c7ec89137aab25d86e44ff154f5aae742384cf80a2dd /root/login.jsp None None None None None None None None None None 116 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802)\n\n N/A N/A None None  S2 None None fd480c121d5e26af3fb8c7ec89137aab25d86e44ff154f5aae742384cf80a2dd /root/login.jsp None None None None None None None None None None 116 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53079,7 +53079,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None d947020e418c747ee99a0accd491030f65895189aefea2a96a390b3e843a9905 /root/password.jsp None None None None None None None None None None 34 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None d947020e418c747ee99a0accd491030f65895189aefea2a96a390b3e843a9905 /root/password.jsp None None None None None None None None None None 34 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53097,7 +53097,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None d947020e418c747ee99a0accd491030f65895189aefea2a96a390b3e843a9905 /root/password.jsp None None None None None None None None None None 166 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None d947020e418c747ee99a0accd491030f65895189aefea2a96a390b3e843a9905 /root/password.jsp None None None None None None None None None None 166 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53115,7 +53115,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None bfd9b74841c8d988d57c99353742f1e3180934ca6be2149a3fb7377329b57b33 /root/product.jsp None None None None None None None None None None 148 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None bfd9b74841c8d988d57c99353742f1e3180934ca6be2149a3fb7377329b57b33 /root/product.jsp None None None None None None None None None None 148 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53133,7 +53133,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None bfd9b74841c8d988d57c99353742f1e3180934ca6be2149a3fb7377329b57b33 /root/product.jsp None None None None None None None None None None 16 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None bfd9b74841c8d988d57c99353742f1e3180934ca6be2149a3fb7377329b57b33 /root/product.jsp None None None None None None None None None None 16 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53151,7 +53151,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (search.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S2 None None 775723c89fdaed1cc6b85ecc489c028159d261e95e7ad4ad80d03ddd63bc99ea /root/search.jsp None None None None None None None None None None 81 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (search.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S2 None None 775723c89fdaed1cc6b85ecc489c028159d261e95e7ad4ad80d03ddd63bc99ea /root/search.jsp None None None None None None None None None None 81 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53169,7 +53169,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (search.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S2 None None 775723c89fdaed1cc6b85ecc489c028159d261e95e7ad4ad80d03ddd63bc99ea /root/search.jsp None None None None None None None None None None 213 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (search.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S2 None None 775723c89fdaed1cc6b85ecc489c028159d261e95e7ad4ad80d03ddd63bc99ea /root/search.jsp None None None None None None None None None None 213 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53187,7 +53187,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (init.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 28820e0352bb80a1d3c1085204cfeb522ddd29ee680ae46350260bf63359646f /root/init.jsp None None None None None None None None None None 265 N/A None BodgeIt ",
+      "content": "Heap Inspection (init.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 28820e0352bb80a1d3c1085204cfeb522ddd29ee680ae46350260bf63359646f /root/init.jsp None None None None None None None None None None 265 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53205,7 +53205,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (init.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 28820e0352bb80a1d3c1085204cfeb522ddd29ee680ae46350260bf63359646f /root/init.jsp None None None None None None None None None None 133 N/A None BodgeIt ",
+      "content": "Heap Inspection (init.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 28820e0352bb80a1d3c1085204cfeb522ddd29ee680ae46350260bf63359646f /root/init.jsp None None None None None None None None None None 133 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53223,7 +53223,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (login.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n N/A N/A None None  S2 None None 78439e5edd436844bb6dc527f6effe0836b88b0fb946747b7f957da95b479fc2 /root/login.jsp None None None None None None None None None None 54 N/A None BodgeIt ",
+      "content": "Heap Inspection (login.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n N/A N/A None None  S2 None None 78439e5edd436844bb6dc527f6effe0836b88b0fb946747b7f957da95b479fc2 /root/login.jsp None None None None None None None None None None 54 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53241,7 +53241,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (login.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n N/A N/A None None  S2 None None 78439e5edd436844bb6dc527f6effe0836b88b0fb946747b7f957da95b479fc2 /root/login.jsp None None None None None None None None None None 186 N/A None BodgeIt ",
+      "content": "Heap Inspection (login.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n N/A N/A None None  S2 None None 78439e5edd436844bb6dc527f6effe0836b88b0fb946747b7f957da95b479fc2 /root/login.jsp None None None None None None None None None None 186 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53259,7 +53259,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (password.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None 2237f06cb695ec1da91d51cab9fb037d8a9e84f1aa9ddbfeef59eef1a65af47e /root/password.jsp None None None None None None None None None None 26 N/A None BodgeIt ",
+      "content": "Heap Inspection (password.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None 2237f06cb695ec1da91d51cab9fb037d8a9e84f1aa9ddbfeef59eef1a65af47e /root/password.jsp None None None None None None None None None None 26 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53277,7 +53277,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (password.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None 2237f06cb695ec1da91d51cab9fb037d8a9e84f1aa9ddbfeef59eef1a65af47e /root/password.jsp None None None None None None None None None None 158 N/A None BodgeIt ",
+      "content": "Heap Inspection (password.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None 2237f06cb695ec1da91d51cab9fb037d8a9e84f1aa9ddbfeef59eef1a65af47e /root/password.jsp None None None None None None None None None None 158 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53295,7 +53295,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (register.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None 6e5f6914b0e963152cff1f6b9fe1c39a2f177979e6885bdbac5bd88f1d40d8cd /root/register.jsp None None None None None None None None None None 92 N/A None BodgeIt ",
+      "content": "Heap Inspection (register.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None 6e5f6914b0e963152cff1f6b9fe1c39a2f177979e6885bdbac5bd88f1d40d8cd /root/register.jsp None None None None None None None None None None 92 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53313,7 +53313,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (register.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None 6e5f6914b0e963152cff1f6b9fe1c39a2f177979e6885bdbac5bd88f1d40d8cd /root/register.jsp None None None None None None None None None None 224 N/A None BodgeIt ",
+      "content": "Heap Inspection (register.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None 6e5f6914b0e963152cff1f6b9fe1c39a2f177979e6885bdbac5bd88f1d40d8cd /root/register.jsp None None None None None None None None None None 224 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53331,7 +53331,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 06cd6507296edca41e97d652a873c31230bf98fa8bdeab477fedb680ff606932 /root/basket.jsp None None None None None None None None None None 193 N/A None BodgeIt ",
+      "content": "HttpOnlyCookies (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 06cd6507296edca41e97d652a873c31230bf98fa8bdeab477fedb680ff606932 /root/basket.jsp None None None None None None None None None None 193 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53349,7 +53349,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 06cd6507296edca41e97d652a873c31230bf98fa8bdeab477fedb680ff606932 /root/basket.jsp None None None None None None None None None None 61 N/A None BodgeIt ",
+      "content": "HttpOnlyCookies (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 06cd6507296edca41e97d652a873c31230bf98fa8bdeab477fedb680ff606932 /root/basket.jsp None None None None None None None None None None 61 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53367,7 +53367,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 93595b491f79115f85df3ef403cfc4ecd34e22dedf95aa24fbc18f56039d26f3 /root/login.jsp None None None None None None None None None None 259 N/A None BodgeIt ",
+      "content": "HttpOnlyCookies (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 93595b491f79115f85df3ef403cfc4ecd34e22dedf95aa24fbc18f56039d26f3 /root/login.jsp None None None None None None None None None None 259 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53385,7 +53385,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 93595b491f79115f85df3ef403cfc4ecd34e22dedf95aa24fbc18f56039d26f3 /root/login.jsp None None None None None None None None None None 127 N/A None BodgeIt ",
+      "content": "HttpOnlyCookies (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 93595b491f79115f85df3ef403cfc4ecd34e22dedf95aa24fbc18f56039d26f3 /root/login.jsp None None None None None None None None None None 127 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53403,7 +53403,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 24e74e8be8b222cf0b17c034d03c5b43a130c2b960095eb44c55f470e50f6924 /root/register.jsp None None None None None None None None None None 14 N/A None BodgeIt ",
+      "content": "HttpOnlyCookies (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 24e74e8be8b222cf0b17c034d03c5b43a130c2b960095eb44c55f470e50f6924 /root/register.jsp None None None None None None None None None None 14 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53421,7 +53421,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 24e74e8be8b222cf0b17c034d03c5b43a130c2b960095eb44c55f470e50f6924 /root/register.jsp None None None None None None None None None None 146 N/A None BodgeIt ",
+      "content": "HttpOnlyCookies (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 24e74e8be8b222cf0b17c034d03c5b43a130c2b960095eb44c55f470e50f6924 /root/register.jsp None None None None None None None None None None 146 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53439,7 +53439,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies in Config (web.xml) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S2 None None 7d3502f71ea947677c3ae5e39ae8da99c7024c3820a1c546bbdfe3ea4a0fdfc0 /build/WEB-INF/web.xml None None None None None None None None None None 98 N/A None BodgeIt ",
+      "content": "HttpOnlyCookies in Config (web.xml) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S2 None None 7d3502f71ea947677c3ae5e39ae8da99c7024c3820a1c546bbdfe3ea4a0fdfc0 /build/WEB-INF/web.xml None None None None None None None None None None 98 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53457,7 +53457,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies in Config (web.xml) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S2 None None 7d3502f71ea947677c3ae5e39ae8da99c7024c3820a1c546bbdfe3ea4a0fdfc0 /build/WEB-INF/web.xml None None None None None None None None None None 230 N/A None BodgeIt ",
+      "content": "HttpOnlyCookies in Config (web.xml) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S2 None None 7d3502f71ea947677c3ae5e39ae8da99c7024c3820a1c546bbdfe3ea4a0fdfc0 /build/WEB-INF/web.xml None None None None None None None None None None 230 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53475,7 +53475,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies in Config (web.xml) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65)\n\n N/A N/A None None  S2 None None b29d81fdf7a5477a7badd1a47406a27deb12b90d0b3db17f567344d1ec24e65c /root/WEB-INF/web.xml None None None None None None None None None None 167 N/A None BodgeIt ",
+      "content": "HttpOnlyCookies in Config (web.xml) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65)\n\n N/A N/A None None  S2 None None b29d81fdf7a5477a7badd1a47406a27deb12b90d0b3db17f567344d1ec24e65c /root/WEB-INF/web.xml None None None None None None None None None None 167 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53493,7 +53493,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies in Config (web.xml) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65)\n\n N/A N/A None None  S2 None None b29d81fdf7a5477a7badd1a47406a27deb12b90d0b3db17f567344d1ec24e65c /root/WEB-INF/web.xml None None None None None None None None None None 35 N/A None BodgeIt ",
+      "content": "HttpOnlyCookies in Config (web.xml) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65)\n\n N/A N/A None None  S2 None None b29d81fdf7a5477a7badd1a47406a27deb12b90d0b3db17f567344d1ec24e65c /root/WEB-INF/web.xml None None None None None None None None None None 35 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53511,7 +53511,7 @@
   },
   {
     "fields": {
-      "content": "Session Fixation (AdvancedSearch.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n N/A N/A None None  S2 None None f24533b1fc628061c2037eb55ffe66aed6bfa2436fadaf6e424e4905ed238e21 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 56 N/A None BodgeIt ",
+      "content": "Session Fixation (AdvancedSearch.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n N/A N/A None None  S2 None None f24533b1fc628061c2037eb55ffe66aed6bfa2436fadaf6e424e4905ed238e21 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 56 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53529,7 +53529,7 @@
   },
   {
     "fields": {
-      "content": "Session Fixation (AdvancedSearch.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n N/A N/A None None  S2 None None f24533b1fc628061c2037eb55ffe66aed6bfa2436fadaf6e424e4905ed238e21 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 188 N/A None BodgeIt ",
+      "content": "Session Fixation (AdvancedSearch.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n N/A N/A None None  S2 None None f24533b1fc628061c2037eb55ffe66aed6bfa2436fadaf6e424e4905ed238e21 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 188 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53547,7 +53547,7 @@
   },
   {
     "fields": {
-      "content": "Session Fixation (logout.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n N/A N/A None None  S2 None None 08569015fcc466a18ab405324d0dfe6af4b141110e47b73226ea117ecd44ff10 /root/logout.jsp None None None None None None None None None None 247 N/A None BodgeIt ",
+      "content": "Session Fixation (logout.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n N/A N/A None None  S2 None None 08569015fcc466a18ab405324d0dfe6af4b141110e47b73226ea117ecd44ff10 /root/logout.jsp None None None None None None None None None None 247 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53565,7 +53565,7 @@
   },
   {
     "fields": {
-      "content": "Session Fixation (logout.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n N/A N/A None None  S2 None None 08569015fcc466a18ab405324d0dfe6af4b141110e47b73226ea117ecd44ff10 /root/logout.jsp None None None None None None None None None None 115 N/A None BodgeIt ",
+      "content": "Session Fixation (logout.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n N/A N/A None None  S2 None None 08569015fcc466a18ab405324d0dfe6af4b141110e47b73226ea117ecd44ff10 /root/logout.jsp None None None None None None None None None None 115 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53583,7 +53583,7 @@
   },
   {
     "fields": {
-      "content": "Trust Boundary Violation (login.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S2 None None 9ec4ce27f48767b96297ef3cb8eabba1814ea08a02801692a669540c5a7ce019 /root/login.jsp None None None None None None None None None None 28 N/A None BodgeIt ",
+      "content": "Trust Boundary Violation (login.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S2 None None 9ec4ce27f48767b96297ef3cb8eabba1814ea08a02801692a669540c5a7ce019 /root/login.jsp None None None None None None None None None None 28 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53601,7 +53601,7 @@
   },
   {
     "fields": {
-      "content": "Trust Boundary Violation (login.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S2 None None 9ec4ce27f48767b96297ef3cb8eabba1814ea08a02801692a669540c5a7ce019 /root/login.jsp None None None None None None None None None None 160 N/A None BodgeIt ",
+      "content": "Trust Boundary Violation (login.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S2 None None 9ec4ce27f48767b96297ef3cb8eabba1814ea08a02801692a669540c5a7ce019 /root/login.jsp None None None None None None None None None None 160 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53619,7 +53619,7 @@
   },
   {
     "fields": {
-      "content": "Use of Cryptographically Weak PRNG (contact.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=14](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=14)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None 39052e0796f538556f2cc6c00b63fbed65ab036a874c9ed0672e6825d68602a2 /root/contact.jsp None None None None None None None None None None 274 N/A None BodgeIt ",
+      "content": "Use of Cryptographically Weak PRNG (contact.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=14](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=14)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None 39052e0796f538556f2cc6c00b63fbed65ab036a874c9ed0672e6825d68602a2 /root/contact.jsp None None None None None None None None None None 274 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53637,7 +53637,7 @@
   },
   {
     "fields": {
-      "content": "Use of Cryptographically Weak PRNG (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None 05880cd0576bed75819cae74abce873fdcce5f857ec95d937a458b0ca0a49195 /root/home.jsp None None None None None None None None None None 159 N/A None BodgeIt ",
+      "content": "Use of Cryptographically Weak PRNG (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None 05880cd0576bed75819cae74abce873fdcce5f857ec95d937a458b0ca0a49195 /root/home.jsp None None None None None None None None None None 159 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53655,7 +53655,7 @@
   },
   {
     "fields": {
-      "content": "Use of Cryptographically Weak PRNG (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None 05880cd0576bed75819cae74abce873fdcce5f857ec95d937a458b0ca0a49195 /root/home.jsp None None None None None None None None None None 27 N/A None BodgeIt ",
+      "content": "Use of Cryptographically Weak PRNG (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None 05880cd0576bed75819cae74abce873fdcce5f857ec95d937a458b0ca0a49195 /root/home.jsp None None None None None None None None None None 27 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53673,7 +53673,7 @@
   },
   {
     "fields": {
-      "content": "Use of Cryptographically Weak PRNG (init.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None afa0b4d8453f20629d5863f0cb1b8d4e31bf2e8c4476db973a78731ffcf08bd2 /root/init.jsp None None None None None None None None None None 206 N/A None BodgeIt ",
+      "content": "Use of Cryptographically Weak PRNG (init.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None afa0b4d8453f20629d5863f0cb1b8d4e31bf2e8c4476db973a78731ffcf08bd2 /root/init.jsp None None None None None None None None None None 206 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53691,7 +53691,7 @@
   },
   {
     "fields": {
-      "content": "Use of Cryptographically Weak PRNG (init.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None afa0b4d8453f20629d5863f0cb1b8d4e31bf2e8c4476db973a78731ffcf08bd2 /root/init.jsp None None None None None None None None None None 74 N/A None BodgeIt ",
+      "content": "Use of Cryptographically Weak PRNG (init.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None afa0b4d8453f20629d5863f0cb1b8d4e31bf2e8c4476db973a78731ffcf08bd2 /root/init.jsp None None None None None None None None None None 74 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53709,7 +53709,7 @@
   },
   {
     "fields": {
-      "content": "Use of Hard Coded Cryptographic Key (AES.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n N/A N/A None None  S2 None None 779b4fe3dd494b8c323ddb7cb879f60051ac263904a16ac65af5a210cf797c0b /src/com/thebodgeitstore/util/AES.java None None None None None None None None None None 99 N/A None BodgeIt ",
+      "content": "Use of Hard Coded Cryptographic Key (AES.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n N/A N/A None None  S2 None None 779b4fe3dd494b8c323ddb7cb879f60051ac263904a16ac65af5a210cf797c0b /src/com/thebodgeitstore/util/AES.java None None None None None None None None None None 99 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53727,7 +53727,7 @@
   },
   {
     "fields": {
-      "content": "Use of Hard Coded Cryptographic Key (AES.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n N/A N/A None None  S2 None None 779b4fe3dd494b8c323ddb7cb879f60051ac263904a16ac65af5a210cf797c0b /src/com/thebodgeitstore/util/AES.java None None None None None None None None None None 231 N/A None BodgeIt ",
+      "content": "Use of Hard Coded Cryptographic Key (AES.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n N/A N/A None None  S2 None None 779b4fe3dd494b8c323ddb7cb879f60051ac263904a16ac65af5a210cf797c0b /src/com/thebodgeitstore/util/AES.java None None None None None None None None None None 231 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53745,7 +53745,7 @@
   },
   {
     "fields": {
-      "content": "Use of Hard Coded Cryptographic Key (AdvancedSearch.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n N/A N/A None None  S2 None None d68d7152bc4b3f069aa236ff41cab28da77d7e668b77cb4de10ae8bf7a2e85be /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 88 N/A None BodgeIt ",
+      "content": "Use of Hard Coded Cryptographic Key (AdvancedSearch.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n N/A N/A None None  S2 None None d68d7152bc4b3f069aa236ff41cab28da77d7e668b77cb4de10ae8bf7a2e85be /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 88 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53763,7 +53763,7 @@
   },
   {
     "fields": {
-      "content": "Use of Hard Coded Cryptographic Key (AdvancedSearch.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n N/A N/A None None  S2 None None d68d7152bc4b3f069aa236ff41cab28da77d7e668b77cb4de10ae8bf7a2e85be /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 220 N/A None BodgeIt ",
+      "content": "Use of Hard Coded Cryptographic Key (AdvancedSearch.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n N/A N/A None None  S2 None None d68d7152bc4b3f069aa236ff41cab28da77d7e668b77cb4de10ae8bf7a2e85be /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 220 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53781,7 +53781,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (contact.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None 78ceea05b00023deec3b210877d332bf03d07b237e8339f508a18c62b1146f88 /root/contact.jsp None None None None None None None None None None 257 N/A None BodgeIt ",
+      "content": "Use of Insufficiently Random Values (contact.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None 78ceea05b00023deec3b210877d332bf03d07b237e8339f508a18c62b1146f88 /root/contact.jsp None None None None None None None None None None 257 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53799,7 +53799,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (contact.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None 78ceea05b00023deec3b210877d332bf03d07b237e8339f508a18c62b1146f88 /root/contact.jsp None None None None None None None None None None 125 N/A None BodgeIt ",
+      "content": "Use of Insufficiently Random Values (contact.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None 78ceea05b00023deec3b210877d332bf03d07b237e8339f508a18c62b1146f88 /root/contact.jsp None None None None None None None None None None 125 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53817,7 +53817,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (home.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=23](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=23)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None 67622d1c580dd13b751a2f6684e3b1e764c0b2059520e9b6683c5b8a6560262a /root/home.jsp None None None None None None None None None None 277 N/A None BodgeIt ",
+      "content": "Use of Insufficiently Random Values (home.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=23](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=23)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None 67622d1c580dd13b751a2f6684e3b1e764c0b2059520e9b6683c5b8a6560262a /root/home.jsp None None None None None None None None None None 277 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53835,7 +53835,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (init.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 2fe1558daec12a621f0504714bee44be8d382a57c7cdda160ddad8a2e8b8ca48 /root/init.jsp None None None None None None None None None None 83 N/A None BodgeIt ",
+      "content": "Use of Insufficiently Random Values (init.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 2fe1558daec12a621f0504714bee44be8d382a57c7cdda160ddad8a2e8b8ca48 /root/init.jsp None None None None None None None None None None 83 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53853,7 +53853,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (init.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 2fe1558daec12a621f0504714bee44be8d382a57c7cdda160ddad8a2e8b8ca48 /root/init.jsp None None None None None None None None None None 215 N/A None BodgeIt ",
+      "content": "Use of Insufficiently Random Values (init.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 2fe1558daec12a621f0504714bee44be8d382a57c7cdda160ddad8a2e8b8ca48 /root/init.jsp None None None None None None None None None None 215 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53871,7 +53871,7 @@
   },
   {
     "fields": {
-      "content": "XSRF (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S2 None None 371010ba334ccc433d73bf0c9cdaec557d5f7ec338c6f925d8a71763a228d473 /root/password.jsp None None None None None None None None None None 269 N/A None BodgeIt ",
+      "content": "XSRF (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S2 None None 371010ba334ccc433d73bf0c9cdaec557d5f7ec338c6f925d8a71763a228d473 /root/password.jsp None None None None None None None None None None 269 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53889,7 +53889,7 @@
   },
   {
     "fields": {
-      "content": "XSRF (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S2 None None 371010ba334ccc433d73bf0c9cdaec557d5f7ec338c6f925d8a71763a228d473 /root/password.jsp None None None None None None None None None None 137 N/A None BodgeIt ",
+      "content": "XSRF (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S2 None None 371010ba334ccc433d73bf0c9cdaec557d5f7ec338c6f925d8a71763a228d473 /root/password.jsp None None None None None None None None None None 137 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -53961,7 +53961,7 @@
   },
   {
     "fields": {
-      "content": "Errors Unhandled.-G104 None None N/A Low Filename: /vagrant/go/src/govwa/setting/setting.go\nLine number: 66\nIssue Confidence: HIGH\n\nCode:\n_ = db.QueryRow(sql).Scan(\u0026version)\n coming soon  None None  S3 None None 6a2543c093ae3492085ed185e29728240264e6b42d20e2594afa0e3bde0df7ed /vagrant/go/src/govwa/setting/setting.go None None None None None None None None None None 326 N/A None BodgeIt ",
+      "content": "Errors Unhandled.-G104 None None N/A Low Filename: /vagrant/go/src/govwa/setting/setting.go\nLine number: 66\nIssue Confidence: HIGH\n\nCode:\n_ = db.QueryRow(sql).Scan(&version)\n coming soon  None None  S3 None None 6a2543c093ae3492085ed185e29728240264e6b42d20e2594afa0e3bde0df7ed /vagrant/go/src/govwa/setting/setting.go None None None None None None None None None None 326 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54303,7 +54303,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None f8234be5bed59174a5f1f4efef0acb152b788f55c1804e2abbc185fe69ceea31 /root/basket.jsp None None None None None None None None None None 229 N/A None BodgeIt ",
+      "content": "Blind SQL Injections (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None f8234be5bed59174a5f1f4efef0acb152b788f55c1804e2abbc185fe69ceea31 /root/basket.jsp None None None None None None None None None None 229 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54321,7 +54321,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None f8234be5bed59174a5f1f4efef0acb152b788f55c1804e2abbc185fe69ceea31 /root/basket.jsp None None None None None None None None None None 97 N/A None BodgeIt ",
+      "content": "Blind SQL Injections (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None f8234be5bed59174a5f1f4efef0acb152b788f55c1804e2abbc185fe69ceea31 /root/basket.jsp None None None None None None None None None None 97 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54339,7 +54339,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None 2de5b8ed091eaaf750260b056239152b81363c790977699374b03d93e1d28551 /root/login.jsp None None None None None None None None None None 79 N/A None BodgeIt ",
+      "content": "Blind SQL Injections (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None 2de5b8ed091eaaf750260b056239152b81363c790977699374b03d93e1d28551 /root/login.jsp None None None None None None None None None None 79 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54357,7 +54357,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None 2de5b8ed091eaaf750260b056239152b81363c790977699374b03d93e1d28551 /root/login.jsp None None None None None None None None None None 211 N/A None BodgeIt ",
+      "content": "Blind SQL Injections (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None 2de5b8ed091eaaf750260b056239152b81363c790977699374b03d93e1d28551 /root/login.jsp None None None None None None None None None None 211 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54375,7 +54375,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (password.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None 8d7b5f3962f521cd5c2dc40e4ef9a7cc10cfc30efb90f4b5841e8e5463656c61 /root/password.jsp None None None None None None None None None None 157 N/A None BodgeIt ",
+      "content": "Blind SQL Injections (password.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None 8d7b5f3962f521cd5c2dc40e4ef9a7cc10cfc30efb90f4b5841e8e5463656c61 /root/password.jsp None None None None None None None None None None 157 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54393,7 +54393,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (password.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None 8d7b5f3962f521cd5c2dc40e4ef9a7cc10cfc30efb90f4b5841e8e5463656c61 /root/password.jsp None None None None None None None None None None 25 N/A None BodgeIt ",
+      "content": "Blind SQL Injections (password.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None 8d7b5f3962f521cd5c2dc40e4ef9a7cc10cfc30efb90f4b5841e8e5463656c61 /root/password.jsp None None None None None None None None None None 25 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54411,7 +54411,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None c3fb1583f06a0ce7bee2084607680b357d63dd8f9cc56d5d09f0601a3c62a336 /root/register.jsp None None None None None None None None None None 240 N/A None BodgeIt ",
+      "content": "Blind SQL Injections (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None c3fb1583f06a0ce7bee2084607680b357d63dd8f9cc56d5d09f0601a3c62a336 /root/register.jsp None None None None None None None None None None 240 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54429,7 +54429,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None c3fb1583f06a0ce7bee2084607680b357d63dd8f9cc56d5d09f0601a3c62a336 /root/register.jsp None None None None None None None None None None 108 N/A None BodgeIt ",
+      "content": "Blind SQL Injections (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None c3fb1583f06a0ce7bee2084607680b357d63dd8f9cc56d5d09f0601a3c62a336 /root/register.jsp None None None None None None None None None None 108 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54447,7 +54447,7 @@
   },
   {
     "fields": {
-      "content": "Client DOM Open Redirect (advanced.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** New Search\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** New Search\n-----\n N/A N/A None None  S3 None None 3173d904f9ac1a4779a3b5fd52f271e6a7871d6cb5387d2ced15025a4a15db93 /root/advanced.jsp None None None None None None None None None None 80 N/A None BodgeIt ",
+      "content": "Client DOM Open Redirect (advanced.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** New Search\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** New Search\n-----\n N/A N/A None None  S3 None None 3173d904f9ac1a4779a3b5fd52f271e6a7871d6cb5387d2ced15025a4a15db93 /root/advanced.jsp None None None None None None None None None None 80 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54465,7 +54465,7 @@
   },
   {
     "fields": {
-      "content": "Client DOM Open Redirect (advanced.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** New Search\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** New Search\n-----\n N/A N/A None None  S3 None None 3173d904f9ac1a4779a3b5fd52f271e6a7871d6cb5387d2ced15025a4a15db93 /root/advanced.jsp None None None None None None None None None None 212 N/A None BodgeIt ",
+      "content": "Client DOM Open Redirect (advanced.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** New Search\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** New Search\n-----\n N/A N/A None None  S3 None None 3173d904f9ac1a4779a3b5fd52f271e6a7871d6cb5387d2ced15025a4a15db93 /root/advanced.jsp None None None None None None None None None None 212 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54483,7 +54483,7 @@
   },
   {
     "fields": {
-      "content": "Client Insecure Randomness (encryption.js) None None N/A Low **Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n N/A N/A None None  S3 None None 9b003338465e31c37f36b2a2d9b01bf9003d1d2631e2c409b3d19d02c93a20b6 /root/js/encryption.js None None None None None None None None None None 149 N/A None BodgeIt ",
+      "content": "Client Insecure Randomness (encryption.js) None None N/A Low **Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n N/A N/A None None  S3 None None 9b003338465e31c37f36b2a2d9b01bf9003d1d2631e2c409b3d19d02c93a20b6 /root/js/encryption.js None None None None None None None None None None 149 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54501,7 +54501,7 @@
   },
   {
     "fields": {
-      "content": "Client Insecure Randomness (encryption.js) None None N/A Low **Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n N/A N/A None None  S3 None None 9b003338465e31c37f36b2a2d9b01bf9003d1d2631e2c409b3d19d02c93a20b6 /root/js/encryption.js None None None None None None None None None None 17 N/A None BodgeIt ",
+      "content": "Client Insecure Randomness (encryption.js) None None N/A Low **Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n N/A N/A None None  S3 None None 9b003338465e31c37f36b2a2d9b01bf9003d1d2631e2c409b3d19d02c93a20b6 /root/js/encryption.js None None None None None None None None None None 17 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54519,7 +54519,7 @@
   },
   {
     "fields": {
-      "content": "Collapse of Data Into Unsafe Value (contact.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "Collapse of Data Into Unsafe Value (contact.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "finding"
@@ -54537,7 +54537,7 @@
   },
   {
     "fields": {
-      "content": "Collapse of Data Into Unsafe Value (contact.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "Collapse of Data Into Unsafe Value (contact.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "finding"
@@ -54555,7 +54555,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (advanced.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S3 None None 35055620006745673ffba1cb3c1e8c09a9fd59f6438e6d45fbbb222a10968120 /root/advanced.jsp None None None None None None None None None None 178 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (advanced.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S3 None None 35055620006745673ffba1cb3c1e8c09a9fd59f6438e6d45fbbb222a10968120 /root/advanced.jsp None None None None None None None None None None 178 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54573,7 +54573,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (advanced.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S3 None None 35055620006745673ffba1cb3c1e8c09a9fd59f6438e6d45fbbb222a10968120 /root/advanced.jsp None None None None None None None None None None 46 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (advanced.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S3 None None 35055620006745673ffba1cb3c1e8c09a9fd59f6438e6d45fbbb222a10968120 /root/advanced.jsp None None None None None None None None None None 46 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54591,7 +54591,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (contact.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None ce6c5523b17b77be323a526e757f04235f6d8a3023ac5208b12b7c34de4fcbb6 /root/contact.jsp None None None None None None None None None None 267 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (contact.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None ce6c5523b17b77be323a526e757f04235f6d8a3023ac5208b12b7c34de4fcbb6 /root/contact.jsp None None None None None None None None None None 267 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54609,7 +54609,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (contact.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None ce6c5523b17b77be323a526e757f04235f6d8a3023ac5208b12b7c34de4fcbb6 /root/contact.jsp None None None None None None None None None None 135 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (contact.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None ce6c5523b17b77be323a526e757f04235f6d8a3023ac5208b12b7c34de4fcbb6 /root/contact.jsp None None None None None None None None None None 135 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54627,7 +54627,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (dbconnection.jspf) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None 24cd9b35200f9ca729fcccb8348baccd2ddfeee2f22177fd40e46931f8547659 /root/dbconnection.jspf None None None None None None None None None None 190 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (dbconnection.jspf) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None 24cd9b35200f9ca729fcccb8348baccd2ddfeee2f22177fd40e46931f8547659 /root/dbconnection.jspf None None None None None None None None None None 190 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54645,7 +54645,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (dbconnection.jspf) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None 24cd9b35200f9ca729fcccb8348baccd2ddfeee2f22177fd40e46931f8547659 /root/dbconnection.jspf None None None None None None None None None None 58 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (dbconnection.jspf) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None 24cd9b35200f9ca729fcccb8348baccd2ddfeee2f22177fd40e46931f8547659 /root/dbconnection.jspf None None None None None None None None None None 58 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54663,7 +54663,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n N/A N/A None None  S3 None None 66ad49b768c1dcb417d1047d6a3e134473f45969fdc41c529a37088dec29804e /root/header.jsp None None None None None None None None None None 71 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n N/A N/A None None  S3 None None 66ad49b768c1dcb417d1047d6a3e134473f45969fdc41c529a37088dec29804e /root/header.jsp None None None None None None None None None None 71 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54681,7 +54681,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n N/A N/A None None  S3 None None 66ad49b768c1dcb417d1047d6a3e134473f45969fdc41c529a37088dec29804e /root/header.jsp None None None None None None None None None None 203 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n N/A N/A None None  S3 None None 66ad49b768c1dcb417d1047d6a3e134473f45969fdc41c529a37088dec29804e /root/header.jsp None None None None None None None None None None 203 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54699,7 +54699,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None 7dba1c0820d0f6017ca3333f7f9a8865a862604c4b13a1eed04666c6e364fa36 /root/home.jsp None None None None None None None None None None 64 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None 7dba1c0820d0f6017ca3333f7f9a8865a862604c4b13a1eed04666c6e364fa36 /root/home.jsp None None None None None None None None None None 64 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54717,7 +54717,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None 7dba1c0820d0f6017ca3333f7f9a8865a862604c4b13a1eed04666c6e364fa36 /root/home.jsp None None None None None None None None None None 196 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None 7dba1c0820d0f6017ca3333f7f9a8865a862604c4b13a1eed04666c6e364fa36 /root/home.jsp None None None None None None None None None None 196 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54735,7 +54735,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (init.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None afd07fc450ae8609c93797c8fd893028f7d8a9841999facd0a08236696c05841 /root/init.jsp None None None None None None None None None None 53 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (init.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None afd07fc450ae8609c93797c8fd893028f7d8a9841999facd0a08236696c05841 /root/init.jsp None None None None None None None None None None 53 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54753,7 +54753,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (init.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None afd07fc450ae8609c93797c8fd893028f7d8a9841999facd0a08236696c05841 /root/init.jsp None None None None None None None None None None 185 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (init.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None afd07fc450ae8609c93797c8fd893028f7d8a9841999facd0a08236696c05841 /root/init.jsp None None None None None None None None None None 185 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54771,7 +54771,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100)\n\n N/A N/A None None  S3 None None eba9a993ff2b55ebdda24cb3c0fbc777bd7bcf038a01463f56b2f472f5a95296 /root/login.jsp None None None None None None None None None None 123 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100)\n\n N/A N/A None None  S3 None None eba9a993ff2b55ebdda24cb3c0fbc777bd7bcf038a01463f56b2f472f5a95296 /root/login.jsp None None None None None None None None None None 123 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54789,7 +54789,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100)\n\n N/A N/A None None  S3 None None eba9a993ff2b55ebdda24cb3c0fbc777bd7bcf038a01463f56b2f472f5a95296 /root/login.jsp None None None None None None None None None None 255 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100)\n\n N/A N/A None None  S3 None None eba9a993ff2b55ebdda24cb3c0fbc777bd7bcf038a01463f56b2f472f5a95296 /root/login.jsp None None None None None None None None None None 255 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54807,7 +54807,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None ae4e2ef51220be9b4ca71ee34ae9d174d093e6dd2da41951bc4ad2139a4dad3f /root/product.jsp None None None None None None None None None None 31 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None ae4e2ef51220be9b4ca71ee34ae9d174d093e6dd2da41951bc4ad2139a4dad3f /root/product.jsp None None None None None None None None None None 31 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54825,7 +54825,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None ae4e2ef51220be9b4ca71ee34ae9d174d093e6dd2da41951bc4ad2139a4dad3f /root/product.jsp None None None None None None None None None None 163 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None ae4e2ef51220be9b4ca71ee34ae9d174d093e6dd2da41951bc4ad2139a4dad3f /root/product.jsp None None None None None None None None None None 163 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54843,7 +54843,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107)\n\n N/A N/A None None  S3 None None 8fc3621137e4dd32d75801ac6948909b20f671d21ed9dfe89d0e2f49a2554653 /root/register.jsp None None None None None None None None None None 42 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107)\n\n N/A N/A None None  S3 None None 8fc3621137e4dd32d75801ac6948909b20f671d21ed9dfe89d0e2f49a2554653 /root/register.jsp None None None None None None None None None None 42 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54861,7 +54861,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107)\n\n N/A N/A None None  S3 None None 8fc3621137e4dd32d75801ac6948909b20f671d21ed9dfe89d0e2f49a2554653 /root/register.jsp None None None None None None None None None None 174 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107)\n\n N/A N/A None None  S3 None None 8fc3621137e4dd32d75801ac6948909b20f671d21ed9dfe89d0e2f49a2554653 /root/register.jsp None None None None None None None None None None 174 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54879,7 +54879,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109)\n\n N/A N/A None None  S3 None None 6bea74fa6a2e15eb4e272fd8033b63984cb1cfefd52189c7031b58d7bd325f44 /root/score.jsp None None None None None None None None None None 120 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109)\n\n N/A N/A None None  S3 None None 6bea74fa6a2e15eb4e272fd8033b63984cb1cfefd52189c7031b58d7bd325f44 /root/score.jsp None None None None None None None None None None 120 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54897,7 +54897,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109)\n\n N/A N/A None None  S3 None None 6bea74fa6a2e15eb4e272fd8033b63984cb1cfefd52189c7031b58d7bd325f44 /root/score.jsp None None None None None None None None None None 252 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109)\n\n N/A N/A None None  S3 None None 6bea74fa6a2e15eb4e272fd8033b63984cb1cfefd52189c7031b58d7bd325f44 /root/score.jsp None None None None None None None None None None 252 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54915,7 +54915,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S3 None None 63f306f6577c64ad2d38ddd3985cc649b11dd360f7a962e98cb63686c89b2b95 /root/search.jsp None None None None None None None None None None 244 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S3 None None 63f306f6577c64ad2d38ddd3985cc649b11dd360f7a962e98cb63686c89b2b95 /root/search.jsp None None None None None None None None None None 244 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54933,7 +54933,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S3 None None 63f306f6577c64ad2d38ddd3985cc649b11dd360f7a962e98cb63686c89b2b95 /root/search.jsp None None None None None None None None None None 112 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S3 None None 63f306f6577c64ad2d38ddd3985cc649b11dd360f7a962e98cb63686c89b2b95 /root/search.jsp None None None None None None None None None None 112 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54951,7 +54951,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (FunctionalZAP.java) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n N/A N/A None None  S3 None None 174ea52e3d43e0e3089705762ecd259a74bdb4c592473a8c4615c8d37e840725 /src/com/thebodgeitstore/selenium/tests/FunctionalZAP.java None None None None None None None None None None 204 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (FunctionalZAP.java) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n N/A N/A None None  S3 None None 174ea52e3d43e0e3089705762ecd259a74bdb4c592473a8c4615c8d37e840725 /src/com/thebodgeitstore/selenium/tests/FunctionalZAP.java None None None None None None None None None None 204 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54969,7 +54969,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (FunctionalZAP.java) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n N/A N/A None None  S3 None None 174ea52e3d43e0e3089705762ecd259a74bdb4c592473a8c4615c8d37e840725 /src/com/thebodgeitstore/selenium/tests/FunctionalZAP.java None None None None None None None None None None 72 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (FunctionalZAP.java) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n N/A N/A None None  S3 None None 174ea52e3d43e0e3089705762ecd259a74bdb4c592473a8c4615c8d37e840725 /src/com/thebodgeitstore/selenium/tests/FunctionalZAP.java None None None None None None None None None None 72 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -54987,7 +54987,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (admin.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=121](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=121)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=122](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=122)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=123](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=123)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=124](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=124)\n\n**Line Number:** 12\n**Column:** 383\n**Source Object:** execute\n**Number:** 12\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_ADMIN'\");\n-----\n N/A N/A None None  S3 None None 5852c73c2309bcf533c51c4b6c8221b0519229d4010090067bd6ea629971c099 /root/admin.jsp None None None None None None None None None None 273 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (admin.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=121](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=121)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=122](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=122)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=123](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=123)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=124](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=124)\n\n**Line Number:** 12\n**Column:** 383\n**Source Object:** execute\n**Number:** 12\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_ADMIN'\");\n-----\n N/A N/A None None  S3 None None 5852c73c2309bcf533c51c4b6c8221b0519229d4010090067bd6ea629971c099 /root/admin.jsp None None None None None None None None None None 273 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55005,7 +55005,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n N/A N/A None None  S3 None None 76a4b74903cac92c02f0d0c7eca32f417f6ce4a3fb04f16eff17cfc0e8f8df7f /root/basket.jsp None None None None None None None None None None 201 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n N/A N/A None None  S3 None None 76a4b74903cac92c02f0d0c7eca32f417f6ce4a3fb04f16eff17cfc0e8f8df7f /root/basket.jsp None None None None None None None None None None 201 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55023,7 +55023,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n N/A N/A None None  S3 None None 76a4b74903cac92c02f0d0c7eca32f417f6ce4a3fb04f16eff17cfc0e8f8df7f /root/basket.jsp None None None None None None None None None None 69 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n N/A N/A None None  S3 None None 76a4b74903cac92c02f0d0c7eca32f417f6ce4a3fb04f16eff17cfc0e8f8df7f /root/basket.jsp None None None None None None None None None None 69 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55041,7 +55041,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 920ba1bf2ab979534eda06dd720ba0baa9cff2b1c14fd1ad56e89a5d656ed2f9 /root/header.jsp None None None None None None None None None None 119 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 920ba1bf2ab979534eda06dd720ba0baa9cff2b1c14fd1ad56e89a5d656ed2f9 /root/header.jsp None None None None None None None None None None 119 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55059,7 +55059,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 920ba1bf2ab979534eda06dd720ba0baa9cff2b1c14fd1ad56e89a5d656ed2f9 /root/header.jsp None None None None None None None None None None 251 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 920ba1bf2ab979534eda06dd720ba0baa9cff2b1c14fd1ad56e89a5d656ed2f9 /root/header.jsp None None None None None None None None None None 251 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55077,7 +55077,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 40f3e776293c5c19ac7b521181adfef56ed09288fa417f519d1cc6071cba8a17 /root/home.jsp None None None None None None None None None None 237 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 40f3e776293c5c19ac7b521181adfef56ed09288fa417f519d1cc6071cba8a17 /root/home.jsp None None None None None None None None None None 237 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55095,7 +55095,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 40f3e776293c5c19ac7b521181adfef56ed09288fa417f519d1cc6071cba8a17 /root/home.jsp None None None None None None None None None None 105 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 40f3e776293c5c19ac7b521181adfef56ed09288fa417f519d1cc6071cba8a17 /root/home.jsp None None None None None None None None None None 105 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55113,7 +55113,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (init.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None 1544a01109756bdb265135b3dbc4efca3a22c8d19fa9b50407c94760f04d5610 /root/init.jsp None None None None None None None None None None 95 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (init.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None 1544a01109756bdb265135b3dbc4efca3a22c8d19fa9b50407c94760f04d5610 /root/init.jsp None None None None None None None None None None 95 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55131,7 +55131,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (init.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None 1544a01109756bdb265135b3dbc4efca3a22c8d19fa9b50407c94760f04d5610 /root/init.jsp None None None None None None None None None None 227 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (init.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None 1544a01109756bdb265135b3dbc4efca3a22c8d19fa9b50407c94760f04d5610 /root/init.jsp None None None None None None None None None None 227 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55149,7 +55149,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None 70d68584520c7bc1b47ca45fc75b42460659a52957a10fe2a99858c32b329ae1 /root/login.jsp None None None None None None None None None None 250 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None 70d68584520c7bc1b47ca45fc75b42460659a52957a10fe2a99858c32b329ae1 /root/login.jsp None None None None None None None None None None 250 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55167,7 +55167,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None 70d68584520c7bc1b47ca45fc75b42460659a52957a10fe2a99858c32b329ae1 /root/login.jsp None None None None None None None None None None 118 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None 70d68584520c7bc1b47ca45fc75b42460659a52957a10fe2a99858c32b329ae1 /root/login.jsp None None None None None None None None None None 118 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55185,7 +55185,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (password.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None c69d0a9ead39b5990a429c6ed185050ffadfda672b020ac6e7322ef02e72563a /root/password.jsp None None None None None None None None None None 32 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (password.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None c69d0a9ead39b5990a429c6ed185050ffadfda672b020ac6e7322ef02e72563a /root/password.jsp None None None None None None None None None None 32 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55203,7 +55203,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (password.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None c69d0a9ead39b5990a429c6ed185050ffadfda672b020ac6e7322ef02e72563a /root/password.jsp None None None None None None None None None None 164 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (password.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None c69d0a9ead39b5990a429c6ed185050ffadfda672b020ac6e7322ef02e72563a /root/password.jsp None None None None None None None None None None 164 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55221,7 +55221,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None b037e71624f50f74cfbd0f0cd561daa1e87b1ac3690b19b1d3fe3c36ef452628 /root/product.jsp None None None None None None None None None None 198 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None b037e71624f50f74cfbd0f0cd561daa1e87b1ac3690b19b1d3fe3c36ef452628 /root/product.jsp None None None None None None None None None None 198 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55239,7 +55239,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None b037e71624f50f74cfbd0f0cd561daa1e87b1ac3690b19b1d3fe3c36ef452628 /root/product.jsp None None None None None None None None None None 66 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None b037e71624f50f74cfbd0f0cd561daa1e87b1ac3690b19b1d3fe3c36ef452628 /root/product.jsp None None None None None None None None None None 66 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55257,7 +55257,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None d0e517ef410747c79f882b9fc73a04a92ef6b4792017378ae5c4a39e21a921c5 /root/register.jsp None None None None None None None None None None 271 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None d0e517ef410747c79f882b9fc73a04a92ef6b4792017378ae5c4a39e21a921c5 /root/register.jsp None None None None None None None None None None 271 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55275,7 +55275,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None d0e517ef410747c79f882b9fc73a04a92ef6b4792017378ae5c4a39e21a921c5 /root/register.jsp None None None None None None None None None None 139 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None d0e517ef410747c79f882b9fc73a04a92ef6b4792017378ae5c4a39e21a921c5 /root/register.jsp None None None None None None None None None None 139 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55293,7 +55293,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 5b24a32f74c75879a1adc65bf89b03bb64f81565dbd6a2240149f2ce1bd27d40 /root/score.jsp None None None None None None None None None None 246 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 5b24a32f74c75879a1adc65bf89b03bb64f81565dbd6a2240149f2ce1bd27d40 /root/score.jsp None None None None None None None None None None 246 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55311,7 +55311,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 5b24a32f74c75879a1adc65bf89b03bb64f81565dbd6a2240149f2ce1bd27d40 /root/score.jsp None None None None None None None None None None 114 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 5b24a32f74c75879a1adc65bf89b03bb64f81565dbd6a2240149f2ce1bd27d40 /root/score.jsp None None None None None None None None None None 114 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55329,7 +55329,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n N/A N/A None None  S3 None None b493926fdab24fe92c9c28363e72429e66631bd5056f574ddefb983212933d10 /root/search.jsp None None None None None None None None None None 104 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n N/A N/A None None  S3 None None b493926fdab24fe92c9c28363e72429e66631bd5056f574ddefb983212933d10 /root/search.jsp None None None None None None None None None None 104 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55347,7 +55347,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n N/A N/A None None  S3 None None b493926fdab24fe92c9c28363e72429e66631bd5056f574ddefb983212933d10 /root/search.jsp None None None None None None None None None None 236 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n N/A N/A None None  S3 None None b493926fdab24fe92c9c28363e72429e66631bd5056f574ddefb983212933d10 /root/search.jsp None None None None None None None None None None 236 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55365,7 +55365,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (AdvancedSearch.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 514c8fbd9da03f03f770c9e0ca12d8bb20db50f3a836b4d50f16e0d75b0cca08 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 36 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (AdvancedSearch.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 514c8fbd9da03f03f770c9e0ca12d8bb20db50f3a836b4d50f16e0d75b0cca08 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 36 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55383,7 +55383,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (AdvancedSearch.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 514c8fbd9da03f03f770c9e0ca12d8bb20db50f3a836b4d50f16e0d75b0cca08 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 168 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (AdvancedSearch.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 514c8fbd9da03f03f770c9e0ca12d8bb20db50f3a836b4d50f16e0d75b0cca08 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 168 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55401,7 +55401,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (admin.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 8332e5bd42770868b5db865ca9017c31fcea5a91cff250c4341dc73ed5fdb6e6 /root/admin.jsp None None None None None None None None None None 106 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (admin.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 8332e5bd42770868b5db865ca9017c31fcea5a91cff250c4341dc73ed5fdb6e6 /root/admin.jsp None None None None None None None None None None 106 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55419,7 +55419,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (admin.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 8332e5bd42770868b5db865ca9017c31fcea5a91cff250c4341dc73ed5fdb6e6 /root/admin.jsp None None None None None None None None None None 238 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (admin.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 8332e5bd42770868b5db865ca9017c31fcea5a91cff250c4341dc73ed5fdb6e6 /root/admin.jsp None None None None None None None None None None 238 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55437,7 +55437,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 245 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 245 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55455,7 +55455,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 132 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 132 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55473,7 +55473,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 210 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 210 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55491,7 +55491,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 113 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 113 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55509,7 +55509,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 78 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 78 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55527,7 +55527,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 264 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 264 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55545,7 +55545,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (contact.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=463](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=463)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=464](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=464)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=465](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=465)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=466](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=466)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=467](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=467)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=468](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=468)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=469](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=469)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=470](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=470)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=471](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=471)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=472](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=472)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=473](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=473)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=474](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=474)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=475](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=475)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=476](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=476)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=477](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=477)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=478](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=478)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=479](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=479)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=480](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=480)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=481](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=481)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=482](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=482)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=483](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=483)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=484](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=484)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=485](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=485)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=486](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=486)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=487](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=487)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=488](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=488)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=489](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=489)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=490](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=490)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=491](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=491)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=492](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=492)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=493](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=493)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=494](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=494)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=495](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=495)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=496](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=496)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=497](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=497)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=498](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=498)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=499](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=499)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=500](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=500)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=501](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=501)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=502](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=502)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=503](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=503)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=504](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=504)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=505](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=505)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=506](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=506)\n\n**Line Number:** 24\n**Column:** 377\n**Source Object:** conn\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 398\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 370\n**Source Object:** stmt\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 27\n**Column:** 353\n**Source Object:** stmt\n**Number:** 27\n**Code:** stmt.setString(1, username);\n-----\n**Line Number:** 28\n**Column:** 353\n**Source Object:** stmt\n**Number:** 28\n**Code:** stmt.setString(2, comments);\n-----\n**Line Number:** 29\n**Column:** 365\n**Source Object:** execute\n**Number:** 29\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None 82b6e67fea88a46706b742dee6eb877a58f0ef800b00de81d044714ae2d83f6b /root/contact.jsp None None None None None None None None None None 275 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (contact.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=463](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=463)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=464](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=464)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=465](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=465)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=466](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=466)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=467](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=467)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=468](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=468)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=469](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=469)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=470](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=470)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=471](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=471)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=472](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=472)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=473](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=473)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=474](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=474)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=475](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=475)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=476](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=476)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=477](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=477)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=478](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=478)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=479](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=479)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=480](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=480)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=481](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=481)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=482](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=482)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=483](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=483)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=484](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=484)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=485](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=485)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=486](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=486)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=487](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=487)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=488](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=488)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=489](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=489)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=490](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=490)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=491](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=491)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=492](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=492)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=493](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=493)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=494](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=494)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=495](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=495)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=496](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=496)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=497](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=497)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=498](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=498)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=499](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=499)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=500](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=500)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=501](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=501)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=502](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=502)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=503](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=503)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=504](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=504)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=505](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=505)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=506](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=506)\n\n**Line Number:** 24\n**Column:** 377\n**Source Object:** conn\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 398\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 370\n**Source Object:** stmt\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 27\n**Column:** 353\n**Source Object:** stmt\n**Number:** 27\n**Code:** stmt.setString(1, username);\n-----\n**Line Number:** 28\n**Column:** 353\n**Source Object:** stmt\n**Number:** 28\n**Code:** stmt.setString(2, comments);\n-----\n**Line Number:** 29\n**Column:** 365\n**Source Object:** execute\n**Number:** 29\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None 82b6e67fea88a46706b742dee6eb877a58f0ef800b00de81d044714ae2d83f6b /root/contact.jsp None None None None None None None None None None 275 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55563,7 +55563,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (home.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None fffd29bd0973269ddbbed2e210926c04d42cb12037117261626b95bd52bcff27 /root/home.jsp None None None None None None None None None None 144 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (home.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None fffd29bd0973269ddbbed2e210926c04d42cb12037117261626b95bd52bcff27 /root/home.jsp None None None None None None None None None None 144 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55581,7 +55581,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (home.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None fffd29bd0973269ddbbed2e210926c04d42cb12037117261626b95bd52bcff27 /root/home.jsp None None None None None None None None None None 12 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (home.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None fffd29bd0973269ddbbed2e210926c04d42cb12037117261626b95bd52bcff27 /root/home.jsp None None None None None None None None None None 12 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55599,7 +55599,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (init.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None 2a7f9ff0b80ef53370128384650fe897d773383109c7d171159cbfbc232476e2 /root/init.jsp None None None None None None None None None None 76 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (init.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None 2a7f9ff0b80ef53370128384650fe897d773383109c7d171159cbfbc232476e2 /root/init.jsp None None None None None None None None None None 76 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55617,7 +55617,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (init.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None 2a7f9ff0b80ef53370128384650fe897d773383109c7d171159cbfbc232476e2 /root/init.jsp None None None None None None None None None None 208 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (init.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None 2a7f9ff0b80ef53370128384650fe897d773383109c7d171159cbfbc232476e2 /root/init.jsp None None None None None None None None None None 208 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55635,7 +55635,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (password.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n N/A N/A None None  S3 None None 97e071423b295531965759c3641effa4a92e8e67f5ae40a3248a0a296aada52d /root/password.jsp None None None None None None None None None None 253 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (password.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n N/A N/A None None  S3 None None 97e071423b295531965759c3641effa4a92e8e67f5ae40a3248a0a296aada52d /root/password.jsp None None None None None None None None None None 253 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55653,7 +55653,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (password.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n N/A N/A None None  S3 None None 97e071423b295531965759c3641effa4a92e8e67f5ae40a3248a0a296aada52d /root/password.jsp None None None None None None None None None None 121 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (password.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n N/A N/A None None  S3 None None 97e071423b295531965759c3641effa4a92e8e67f5ae40a3248a0a296aada52d /root/password.jsp None None None None None None None None None None 121 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55671,7 +55671,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (product.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 810541dc4d59d52088c1c29bfbb5ed70b10bfa657980a3099b26ff8799955f28 /root/product.jsp None None None None None None None None None None 122 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (product.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 810541dc4d59d52088c1c29bfbb5ed70b10bfa657980a3099b26ff8799955f28 /root/product.jsp None None None None None None None None None None 122 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55689,7 +55689,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (product.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 810541dc4d59d52088c1c29bfbb5ed70b10bfa657980a3099b26ff8799955f28 /root/product.jsp None None None None None None None None None None 254 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (product.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 810541dc4d59d52088c1c29bfbb5ed70b10bfa657980a3099b26ff8799955f28 /root/product.jsp None None None None None None None None None None 254 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55707,7 +55707,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (score.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 326fbad527801598a49946804f53bff975023eeb4c7c992932611d45d0b46201 /root/score.jsp None None None None None None None None None None 232 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (score.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 326fbad527801598a49946804f53bff975023eeb4c7c992932611d45d0b46201 /root/score.jsp None None None None None None None None None None 232 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55725,7 +55725,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (score.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 326fbad527801598a49946804f53bff975023eeb4c7c992932611d45d0b46201 /root/score.jsp None None None None None None None None None None 100 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (score.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 326fbad527801598a49946804f53bff975023eeb4c7c992932611d45d0b46201 /root/score.jsp None None None None None None None None None None 100 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55743,7 +55743,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (search.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 763571cd8b09d88baae5cc8bc9d755e2401e204c335894933401186d14be3992 /root/search.jsp None None None None None None None None None None 93 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (search.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 763571cd8b09d88baae5cc8bc9d755e2401e204c335894933401186d14be3992 /root/search.jsp None None None None None None None None None None 93 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55761,7 +55761,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (search.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 763571cd8b09d88baae5cc8bc9d755e2401e204c335894933401186d14be3992 /root/search.jsp None None None None None None None None None None 225 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (search.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 763571cd8b09d88baae5cc8bc9d755e2401e204c335894933401186d14be3992 /root/search.jsp None None None None None None None None None None 225 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55779,7 +55779,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (AdvancedSearch.java) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n N/A N/A None None  S3 None None 21c80d580d9f1de55f6179e2a08e5684f46c9734d79cf701b2ff25e6776ccdfc /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 143 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (AdvancedSearch.java) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n N/A N/A None None  S3 None None 21c80d580d9f1de55f6179e2a08e5684f46c9734d79cf701b2ff25e6776ccdfc /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 143 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55797,7 +55797,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (AdvancedSearch.java) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n N/A N/A None None  S3 None None 21c80d580d9f1de55f6179e2a08e5684f46c9734d79cf701b2ff25e6776ccdfc /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 11 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (AdvancedSearch.java) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n N/A N/A None None  S3 None None 21c80d580d9f1de55f6179e2a08e5684f46c9734d79cf701b2ff25e6776ccdfc /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 11 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55815,7 +55815,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (admin.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n N/A N/A None None  S3 None None fc95b0887dc03b9f29f45b95aeb41e7f681dc28388279d7e11c233d3b5235c00 /root/admin.jsp None None None None None None None None None None 29 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (admin.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n N/A N/A None None  S3 None None fc95b0887dc03b9f29f45b95aeb41e7f681dc28388279d7e11c233d3b5235c00 /root/admin.jsp None None None None None None None None None None 29 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55833,7 +55833,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (admin.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n N/A N/A None None  S3 None None fc95b0887dc03b9f29f45b95aeb41e7f681dc28388279d7e11c233d3b5235c00 /root/admin.jsp None None None None None None None None None None 161 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (admin.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n N/A N/A None None  S3 None None fc95b0887dc03b9f29f45b95aeb41e7f681dc28388279d7e11c233d3b5235c00 /root/admin.jsp None None None None None None None None None None 161 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55851,7 +55851,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None cfa4c706348e59de8b65228daccc21474abf67877a50dec0efa031e947d2e3bd /root/basket.jsp None None None None None None None None None None 235 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None cfa4c706348e59de8b65228daccc21474abf67877a50dec0efa031e947d2e3bd /root/basket.jsp None None None None None None None None None None 235 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55869,7 +55869,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None cfa4c706348e59de8b65228daccc21474abf67877a50dec0efa031e947d2e3bd /root/basket.jsp None None None None None None None None None None 103 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None cfa4c706348e59de8b65228daccc21474abf67877a50dec0efa031e947d2e3bd /root/basket.jsp None None None None None None None None None None 103 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55887,7 +55887,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (contact.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 1e74e0c4e0572c6bb5aaee26176b8a40ce024325bbffea1ddbb120bab9d9542c /root/contact.jsp None None None None None None None None None None 49 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (contact.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 1e74e0c4e0572c6bb5aaee26176b8a40ce024325bbffea1ddbb120bab9d9542c /root/contact.jsp None None None None None None None None None None 49 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55905,7 +55905,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (contact.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 1e74e0c4e0572c6bb5aaee26176b8a40ce024325bbffea1ddbb120bab9d9542c /root/contact.jsp None None None None None None None None None None 181 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (contact.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 1e74e0c4e0572c6bb5aaee26176b8a40ce024325bbffea1ddbb120bab9d9542c /root/contact.jsp None None None None None None None None None None 181 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55923,7 +55923,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 584b05859f76b43b2736a28ac1c8ac88497704d0f31868218fcda9077396a215 /root/header.jsp None None None None None None None None None None 129 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 584b05859f76b43b2736a28ac1c8ac88497704d0f31868218fcda9077396a215 /root/header.jsp None None None None None None None None None None 129 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55941,7 +55941,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 584b05859f76b43b2736a28ac1c8ac88497704d0f31868218fcda9077396a215 /root/header.jsp None None None None None None None None None None 261 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 584b05859f76b43b2736a28ac1c8ac88497704d0f31868218fcda9077396a215 /root/header.jsp None None None None None None None None None None 261 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55959,7 +55959,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None cfc58944e3181521dc3a9ec917dcb54d7a54ebbf3f0e8aaca7fec60a05485c63 /root/home.jsp None None None None None None None None None None 176 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None cfc58944e3181521dc3a9ec917dcb54d7a54ebbf3f0e8aaca7fec60a05485c63 /root/home.jsp None None None None None None None None None None 176 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55977,7 +55977,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None cfc58944e3181521dc3a9ec917dcb54d7a54ebbf3f0e8aaca7fec60a05485c63 /root/home.jsp None None None None None None None None None None 44 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None cfc58944e3181521dc3a9ec917dcb54d7a54ebbf3f0e8aaca7fec60a05485c63 /root/home.jsp None None None None None None None None None None 44 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -55995,7 +55995,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None af0420cc3c001e6a1c65aceb86644080bcdb3f08b6be7cfc96a3bb3e20685afb /root/login.jsp None None None None None None None None None None 256 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None af0420cc3c001e6a1c65aceb86644080bcdb3f08b6be7cfc96a3bb3e20685afb /root/login.jsp None None None None None None None None None None 256 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56013,7 +56013,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None af0420cc3c001e6a1c65aceb86644080bcdb3f08b6be7cfc96a3bb3e20685afb /root/login.jsp None None None None None None None None None None 124 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None af0420cc3c001e6a1c65aceb86644080bcdb3f08b6be7cfc96a3bb3e20685afb /root/login.jsp None None None None None None None None None None 124 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56031,7 +56031,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 85b4b54f401f88fb286b6442b56fecb5922a025504207d94f5835e4b9e4c3d49 /root/product.jsp None None None None None None None None None None 136 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 85b4b54f401f88fb286b6442b56fecb5922a025504207d94f5835e4b9e4c3d49 /root/product.jsp None None None None None None None None None None 136 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56049,7 +56049,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 85b4b54f401f88fb286b6442b56fecb5922a025504207d94f5835e4b9e4c3d49 /root/product.jsp None None None None None None None None None None 268 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 85b4b54f401f88fb286b6442b56fecb5922a025504207d94f5835e4b9e4c3d49 /root/product.jsp None None None None None None None None None None 268 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56067,7 +56067,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") \u003e= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 508298807b8bd2787b58a49d31bd3f056293c7656e8936eb2e478b3636fa5e19 /root/register.jsp None None None None None None None None None None 94 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") >= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 508298807b8bd2787b58a49d31bd3f056293c7656e8936eb2e478b3636fa5e19 /root/register.jsp None None None None None None None None None None 94 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56085,7 +56085,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") \u003e= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 508298807b8bd2787b58a49d31bd3f056293c7656e8936eb2e478b3636fa5e19 /root/register.jsp None None None None None None None None None None 226 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") >= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 508298807b8bd2787b58a49d31bd3f056293c7656e8936eb2e478b3636fa5e19 /root/register.jsp None None None None None None None None None None 226 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56103,7 +56103,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 1c24c0fc04774515bc6dc38386250282055e0585ae71b405586b552ca04b31c9 /root/score.jsp None None None None None None None None None None 219 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 1c24c0fc04774515bc6dc38386250282055e0585ae71b405586b552ca04b31c9 /root/score.jsp None None None None None None None None None None 219 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56121,7 +56121,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 1c24c0fc04774515bc6dc38386250282055e0585ae71b405586b552ca04b31c9 /root/score.jsp None None None None None None None None None None 87 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 1c24c0fc04774515bc6dc38386250282055e0585ae71b405586b552ca04b31c9 /root/score.jsp None None None None None None None None None None 87 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56139,7 +56139,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 641ba17f6201ed5f40524a90c0e0fc03d8a4731528be567b639362cef3f20ef2 /root/search.jsp None None None None None None None None None None 107 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 641ba17f6201ed5f40524a90c0e0fc03d8a4731528be567b639362cef3f20ef2 /root/search.jsp None None None None None None None None None None 107 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56157,7 +56157,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 641ba17f6201ed5f40524a90c0e0fc03d8a4731528be567b639362cef3f20ef2 /root/search.jsp None None None None None None None None None None 239 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 641ba17f6201ed5f40524a90c0e0fc03d8a4731528be567b639362cef3f20ef2 /root/search.jsp None None None None None None None None None None 239 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56175,7 +56175,7 @@
   },
   {
     "fields": {
-      "content": "Missing X Frame Options (web.xml) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S3 None None 5fb0f064b2f7098c57e1115b391bf7a6eb57feae63c2848b916a5b79dccf66f3 /build/WEB-INF/web.xml None None None None None None None None None None 84 N/A None BodgeIt ",
+      "content": "Missing X Frame Options (web.xml) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S3 None None 5fb0f064b2f7098c57e1115b391bf7a6eb57feae63c2848b916a5b79dccf66f3 /build/WEB-INF/web.xml None None None None None None None None None None 84 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56193,7 +56193,7 @@
   },
   {
     "fields": {
-      "content": "Missing X Frame Options (web.xml) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84)\n\n N/A N/A None None  S3 None None 418f79f7a59a306d5e46aa4af1924b64200aed234ae994dcd66485eb30bbe869 /root/WEB-INF/web.xml None None None None None None None None None None 142 N/A None BodgeIt ",
+      "content": "Missing X Frame Options (web.xml) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84)\n\n N/A N/A None None  S3 None None 418f79f7a59a306d5e46aa4af1924b64200aed234ae994dcd66485eb30bbe869 /root/WEB-INF/web.xml None None None None None None None None None None 142 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56211,7 +56211,7 @@
   },
   {
     "fields": {
-      "content": "Missing X Frame Options (web.xml) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S3 None None 5fb0f064b2f7098c57e1115b391bf7a6eb57feae63c2848b916a5b79dccf66f3 /build/WEB-INF/web.xml None None None None None None None None None None 216 N/A None BodgeIt ",
+      "content": "Missing X Frame Options (web.xml) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S3 None None 5fb0f064b2f7098c57e1115b391bf7a6eb57feae63c2848b916a5b79dccf66f3 /build/WEB-INF/web.xml None None None None None None None None None None 216 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56229,7 +56229,7 @@
   },
   {
     "fields": {
-      "content": "Missing X Frame Options (web.xml) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84)\n\n N/A N/A None None  S3 None None 418f79f7a59a306d5e46aa4af1924b64200aed234ae994dcd66485eb30bbe869 /root/WEB-INF/web.xml None None None None None None None None None None 10 N/A None BodgeIt ",
+      "content": "Missing X Frame Options (web.xml) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84)\n\n N/A N/A None None  S3 None None 418f79f7a59a306d5e46aa4af1924b64200aed234ae994dcd66485eb30bbe869 /root/WEB-INF/web.xml None None None None None None None None None None 10 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56247,7 +56247,7 @@
   },
   {
     "fields": {
-      "content": "Not Using a Random IV With CBC Mode (AES.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n N/A N/A None None  S3 None None e5ac755dbe3bfd23995c8d5a99779d188440c9e573d79b44130d90468d41439c /src/com/thebodgeitstore/util/AES.java None None None None None None None None None None 153 N/A None BodgeIt ",
+      "content": "Not Using a Random IV With CBC Mode (AES.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n N/A N/A None None  S3 None None e5ac755dbe3bfd23995c8d5a99779d188440c9e573d79b44130d90468d41439c /src/com/thebodgeitstore/util/AES.java None None None None None None None None None None 153 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56265,7 +56265,7 @@
   },
   {
     "fields": {
-      "content": "Not Using a Random IV With CBC Mode (AES.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n N/A N/A None None  S3 None None e5ac755dbe3bfd23995c8d5a99779d188440c9e573d79b44130d90468d41439c /src/com/thebodgeitstore/util/AES.java None None None None None None None None None None 21 N/A None BodgeIt ",
+      "content": "Not Using a Random IV With CBC Mode (AES.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n N/A N/A None None  S3 None None e5ac755dbe3bfd23995c8d5a99779d188440c9e573d79b44130d90468d41439c /src/com/thebodgeitstore/util/AES.java None None None None None None None None None None 21 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56283,7 +56283,7 @@
   },
   {
     "fields": {
-      "content": "Plaintext Storage in a Cookie (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None c81c73f4bd1bb970a016bd7e5f1979af8d05eac71f387b2da9bd4affcaf13f81 /root/basket.jsp None None None None None None None None None None 180 N/A None BodgeIt ",
+      "content": "Plaintext Storage in a Cookie (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None c81c73f4bd1bb970a016bd7e5f1979af8d05eac71f387b2da9bd4affcaf13f81 /root/basket.jsp None None None None None None None None None None 180 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56301,7 +56301,7 @@
   },
   {
     "fields": {
-      "content": "Plaintext Storage in a Cookie (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None c81c73f4bd1bb970a016bd7e5f1979af8d05eac71f387b2da9bd4affcaf13f81 /root/basket.jsp None None None None None None None None None None 48 N/A None BodgeIt ",
+      "content": "Plaintext Storage in a Cookie (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None c81c73f4bd1bb970a016bd7e5f1979af8d05eac71f387b2da9bd4affcaf13f81 /root/basket.jsp None None None None None None None None None None 48 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56319,7 +56319,7 @@
   },
   {
     "fields": {
-      "content": "Race Condition Format Flaw (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\" + nf.format(pricetopay) + \"\");\n-----\n N/A N/A None None  S3 None None 3db6ca06969817d45acccd02c0ba65067c1e11e9d4d7c34c7301612e63b2f75a /root/basket.jsp None None None None None None None None None None 70 N/A None BodgeIt ",
+      "content": "Race Condition Format Flaw (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\" + nf.format(pricetopay) + \"\");\n-----\n N/A N/A None None  S3 None None 3db6ca06969817d45acccd02c0ba65067c1e11e9d4d7c34c7301612e63b2f75a /root/basket.jsp None None None None None None None None None None 70 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56337,7 +56337,7 @@
   },
   {
     "fields": {
-      "content": "Race Condition Format Flaw (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\" + nf.format(pricetopay) + \"\");\n-----\n N/A N/A None None  S3 None None 3db6ca06969817d45acccd02c0ba65067c1e11e9d4d7c34c7301612e63b2f75a /root/basket.jsp None None None None None None None None None None 202 N/A None BodgeIt ",
+      "content": "Race Condition Format Flaw (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\" + nf.format(pricetopay) + \"\");\n-----\n N/A N/A None None  S3 None None 3db6ca06969817d45acccd02c0ba65067c1e11e9d4d7c34c7301612e63b2f75a /root/basket.jsp None None None None None None None None None None 202 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56355,7 +56355,7 @@
   },
   {
     "fields": {
-      "content": "Race Condition Format Flaw (product.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\" + nf.format(price) + \"\");\n-----\n N/A N/A None None  S3 None None b1306a4177b37bad4dbe763419df19ec56d7442262be5dfeff6d346b3b900ad1 /root/product.jsp None None None None None None None None None None 130 N/A None BodgeIt ",
+      "content": "Race Condition Format Flaw (product.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\" + nf.format(price) + \"\");\n-----\n N/A N/A None None  S3 None None b1306a4177b37bad4dbe763419df19ec56d7442262be5dfeff6d346b3b900ad1 /root/product.jsp None None None None None None None None None None 130 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56373,7 +56373,7 @@
   },
   {
     "fields": {
-      "content": "Race Condition Format Flaw (product.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\" + nf.format(price) + \"\");\n-----\n N/A N/A None None  S3 None None b1306a4177b37bad4dbe763419df19ec56d7442262be5dfeff6d346b3b900ad1 /root/product.jsp None None None None None None None None None None 262 N/A None BodgeIt ",
+      "content": "Race Condition Format Flaw (product.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\" + nf.format(price) + \"\");\n-----\n N/A N/A None None  S3 None None b1306a4177b37bad4dbe763419df19ec56d7442262be5dfeff6d346b3b900ad1 /root/product.jsp None None None None None None None None None None 262 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56391,7 +56391,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n N/A N/A None None  S3 None None bae03653ab0823182626d77d8ba94f2fab26eccdde7bcb11ddd0fb8dee79d717 /root/basket.jsp None None None None None None None None None None 30 N/A None BodgeIt ",
+      "content": "Reliance on Cookies in a Decision (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n N/A N/A None None  S3 None None bae03653ab0823182626d77d8ba94f2fab26eccdde7bcb11ddd0fb8dee79d717 /root/basket.jsp None None None None None None None None None None 30 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56409,7 +56409,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n N/A N/A None None  S3 None None bae03653ab0823182626d77d8ba94f2fab26eccdde7bcb11ddd0fb8dee79d717 /root/basket.jsp None None None None None None None None None None 162 N/A None BodgeIt ",
+      "content": "Reliance on Cookies in a Decision (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n N/A N/A None None  S3 None None bae03653ab0823182626d77d8ba94f2fab26eccdde7bcb11ddd0fb8dee79d717 /root/basket.jsp None None None None None None None None None None 162 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56427,7 +56427,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (login.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None 11b43c1ce56100d6a92b74b27d6e6901f3822b44c4b6e8437a7622f71c3a58a9 /root/login.jsp None None None None None None None None None None 109 N/A None BodgeIt ",
+      "content": "Reliance on Cookies in a Decision (login.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None 11b43c1ce56100d6a92b74b27d6e6901f3822b44c4b6e8437a7622f71c3a58a9 /root/login.jsp None None None None None None None None None None 109 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56445,7 +56445,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (login.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None 11b43c1ce56100d6a92b74b27d6e6901f3822b44c4b6e8437a7622f71c3a58a9 /root/login.jsp None None None None None None None None None None 241 N/A None BodgeIt ",
+      "content": "Reliance on Cookies in a Decision (login.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None 11b43c1ce56100d6a92b74b27d6e6901f3822b44c4b6e8437a7622f71c3a58a9 /root/login.jsp None None None None None None None None None None 241 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56463,7 +56463,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (register.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None 84c57ed3e3723016b9425c8549bd0faab967538a59e072c2dc5c85974a72bf41 /root/register.jsp None None None None None None None None None None 221 N/A None BodgeIt ",
+      "content": "Reliance on Cookies in a Decision (register.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None 84c57ed3e3723016b9425c8549bd0faab967538a59e072c2dc5c85974a72bf41 /root/register.jsp None None None None None None None None None None 221 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56481,7 +56481,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (register.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None 84c57ed3e3723016b9425c8549bd0faab967538a59e072c2dc5c85974a72bf41 /root/register.jsp None None None None None None None None None None 89 N/A None BodgeIt ",
+      "content": "Reliance on Cookies in a Decision (register.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None 84c57ed3e3723016b9425c8549bd0faab967538a59e072c2dc5c85974a72bf41 /root/register.jsp None None None None None None None None None None 89 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56499,7 +56499,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (basket.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None 7d988ddc1b32f65ada9bd17516943b28e33458ea570ce92843bdb49e7a7e22fb /root/basket.jsp None None None None None None None None None None 218 N/A None BodgeIt ",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (basket.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None 7d988ddc1b32f65ada9bd17516943b28e33458ea570ce92843bdb49e7a7e22fb /root/basket.jsp None None None None None None None None None None 218 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56517,7 +56517,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (basket.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None 7d988ddc1b32f65ada9bd17516943b28e33458ea570ce92843bdb49e7a7e22fb /root/basket.jsp None None None None None None None None None None 86 N/A None BodgeIt ",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (basket.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None 7d988ddc1b32f65ada9bd17516943b28e33458ea570ce92843bdb49e7a7e22fb /root/basket.jsp None None None None None None None None None None 86 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56535,7 +56535,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (login.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None 0441fee04d6e24c168f5b4b567cc31174f464330f27638f83f80ee87d0d3dc03 /root/login.jsp None None None None None None None None None None 37 N/A None BodgeIt ",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (login.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None 0441fee04d6e24c168f5b4b567cc31174f464330f27638f83f80ee87d0d3dc03 /root/login.jsp None None None None None None None None None None 37 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56553,7 +56553,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (login.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None 0441fee04d6e24c168f5b4b567cc31174f464330f27638f83f80ee87d0d3dc03 /root/login.jsp None None None None None None None None None None 169 N/A None BodgeIt ",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (login.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None 0441fee04d6e24c168f5b4b567cc31174f464330f27638f83f80ee87d0d3dc03 /root/login.jsp None None None None None None None None None None 169 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56571,7 +56571,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (register.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None ebfe755d6f8f91724d9d8a0672c12dce0200f818bce80b7fcaab30987b124a99 /root/register.jsp None None None None None None None None None None 128 N/A None BodgeIt ",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (register.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None ebfe755d6f8f91724d9d8a0672c12dce0200f818bce80b7fcaab30987b124a99 /root/register.jsp None None None None None None None None None None 128 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56589,7 +56589,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (register.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None ebfe755d6f8f91724d9d8a0672c12dce0200f818bce80b7fcaab30987b124a99 /root/register.jsp None None None None None None None None None None 260 N/A None BodgeIt ",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (register.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None ebfe755d6f8f91724d9d8a0672c12dce0200f818bce80b7fcaab30987b124a99 /root/register.jsp None None None None None None None None None None 260 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56607,7 +56607,7 @@
   },
   {
     "fields": {
-      "content": "Stored Boundary Violation (login.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S3 None None b0de3516ab323f5577e6ad94803e2ddf541214bbae868bf34e828ba3a4d966ca /root/login.jsp None None None None None None None None None None 23 N/A None BodgeIt ",
+      "content": "Stored Boundary Violation (login.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S3 None None b0de3516ab323f5577e6ad94803e2ddf541214bbae868bf34e828ba3a4d966ca /root/login.jsp None None None None None None None None None None 23 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56625,7 +56625,7 @@
   },
   {
     "fields": {
-      "content": "Stored Boundary Violation (login.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S3 None None b0de3516ab323f5577e6ad94803e2ddf541214bbae868bf34e828ba3a4d966ca /root/login.jsp None None None None None None None None None None 155 N/A None BodgeIt ",
+      "content": "Stored Boundary Violation (login.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S3 None None b0de3516ab323f5577e6ad94803e2ddf541214bbae868bf34e828ba3a4d966ca /root/login.jsp None None None None None None None None None None 155 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56643,7 +56643,7 @@
   },
   {
     "fields": {
-      "content": "Suspected XSS (contact.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S3 None None cecce89612fa88ff6270b822a8840911536f983c5ab580f5e7df0ec93a95884a /root/contact.jsp None None None None None None None None None None 205 N/A None BodgeIt ",
+      "content": "Suspected XSS (contact.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S3 None None cecce89612fa88ff6270b822a8840911536f983c5ab580f5e7df0ec93a95884a /root/contact.jsp None None None None None None None None None None 205 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56661,7 +56661,7 @@
   },
   {
     "fields": {
-      "content": "Suspected XSS (contact.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S3 None None cecce89612fa88ff6270b822a8840911536f983c5ab580f5e7df0ec93a95884a /root/contact.jsp None None None None None None None None None None 73 N/A None BodgeIt ",
+      "content": "Suspected XSS (contact.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S3 None None cecce89612fa88ff6270b822a8840911536f983c5ab580f5e7df0ec93a95884a /root/contact.jsp None None None None None None None None None None 73 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56679,7 +56679,7 @@
   },
   {
     "fields": {
-      "content": "Suspected XSS (password.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** \u003c%=username%\u003e\n-----\n N/A N/A None None  S3 None None ff922242dd15286d81f09888a33ad571eca598b615bf4d4b9024af17df42bc17 /root/password.jsp None None None None None None None None None None 171 N/A None BodgeIt ",
+      "content": "Suspected XSS (password.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** <%=username%>\n-----\n N/A N/A None None  S3 None None ff922242dd15286d81f09888a33ad571eca598b615bf4d4b9024af17df42bc17 /root/password.jsp None None None None None None None None None None 171 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56697,7 +56697,7 @@
   },
   {
     "fields": {
-      "content": "Suspected XSS (password.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** \u003c%=username%\u003e\n-----\n N/A N/A None None  S3 None None ff922242dd15286d81f09888a33ad571eca598b615bf4d4b9024af17df42bc17 /root/password.jsp None None None None None None None None None None 39 N/A None BodgeIt ",
+      "content": "Suspected XSS (password.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** <%=username%>\n-----\n N/A N/A None None  S3 None None ff922242dd15286d81f09888a33ad571eca598b615bf4d4b9024af17df42bc17 /root/password.jsp None None None None None None None None None None 39 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56715,7 +56715,7 @@
   },
   {
     "fields": {
-      "content": "Unsynchronized Access to Shared Data (AdvancedSearch.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n N/A N/A None None  S3 None None dc13f474e6f512cb31374bfa4658ce7a866d6b832d40742e784ef14f6513ab87 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 243 N/A None BodgeIt ",
+      "content": "Unsynchronized Access to Shared Data (AdvancedSearch.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n N/A N/A None None  S3 None None dc13f474e6f512cb31374bfa4658ce7a866d6b832d40742e784ef14f6513ab87 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 243 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -56733,7 +56733,7 @@
   },
   {
     "fields": {
-      "content": "Unsynchronized Access to Shared Data (AdvancedSearch.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n N/A N/A None None  S3 None None dc13f474e6f512cb31374bfa4658ce7a866d6b832d40742e784ef14f6513ab87 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 111 N/A None BodgeIt ",
+      "content": "Unsynchronized Access to Shared Data (AdvancedSearch.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n N/A N/A None None  S3 None None dc13f474e6f512cb31374bfa4658ce7a866d6b832d40742e784ef14f6513ab87 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 111 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -57147,7 +57147,7 @@
   },
   {
     "fields": {
-      "content": "Apple Accounting Software Accounting software is typically composed of various modules, different sections dealing with particular areas of accounting. Among the most common are:\r\n\r\n**Core modules**\r\n\r\n* Accounts receivable—where the company enters money received\r\n* Accounts payable—where the company enters its bills and pays money it owes\r\n* General ledger—the company's \"books\"\r\n* Billing—where the company produces invoices to clients/customers high web production purchased 3 Billing",
+      "content": "Apple Accounting Software Accounting software is typically composed of various modules, different sections dealing with particular areas of accounting. Among the most common are:\r\n\r\n**Core modules**\r\n\r\n* Accounts receivable\u2014where the company enters money received\r\n* Accounts payable\u2014where the company enters its bills and pays money it owes\r\n* General ledger\u2014the company's \"books\"\r\n* Billing\u2014where the company produces invoices to clients/customers high web production purchased 3 Billing",
       "content_type": [
         "dojo",
         "product"
diff --git a/dojo/fixtures/defect_dojo_sample_data_locations.json b/dojo/fixtures/defect_dojo_sample_data_locations.json
index 88286c552c1..f56ce8069fa 100644
--- a/dojo/fixtures/defect_dojo_sample_data_locations.json
+++ b/dojo/fixtures/defect_dojo_sample_data_locations.json
@@ -18,7 +18,7 @@
   },
   {
     "fields": {
-      "date_joined": "2021-08-01T07:59:51Z",
+      "date_joined": "2025-07-03T00:39:24Z",
       "email": "",
       "first_name": "",
       "groups": [],
@@ -545,7 +545,7 @@
     "fields": {
       "acronym": "HIPAA",
       "category": "medical",
-      "description": "The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was enacted by the United States Congress and signed by President Bill Clinton in 1996. It has been known as the Kennedy–Kassebaum Act or Kassebaum-Kennedy Act after two of its leading sponsors. Title I of HIPAA protects health insurance coverage for workers and their families when they change or lose their jobs. Title II of HIPAA, known as the Administrative Simplification (AS) provisions, requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers.",
+      "description": "The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was enacted by the United States Congress and signed by President Bill Clinton in 1996. It has been known as the Kennedy\u2013Kassebaum Act or Kassebaum-Kennedy Act after two of its leading sponsors. Title I of HIPAA protects health insurance coverage for workers and their families when they change or lose their jobs. Title II of HIPAA, known as the Administrative Simplification (AS) provisions, requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers.",
       "jurisdiction": "United States",
       "name": "Health Insurance Portability and Accountability Act",
       "reference": "http://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act"
@@ -569,9 +569,9 @@
     "fields": {
       "acronym": "SOX",
       "category": "finance",
-      "description": "The Sarbanes–Oxley Act of 2002 (SOX) is a United States federal law that set new or enhanced standards for all U.S. public company boards, management and public accounting firms. There are also a number of provisions of the Act that also apply to privately held companies, for example the willful destruction of evidence to impede a Federal investigation.",
+      "description": "The Sarbanes\u2013Oxley Act of 2002 (SOX) is a United States federal law that set new or enhanced standards for all U.S. public company boards, management and public accounting firms. There are also a number of provisions of the Act that also apply to privately held companies, for example the willful destruction of evidence to impede a Federal investigation.",
       "jurisdiction": "United States",
-      "name": "Sarbanes–Oxley Act",
+      "name": "Sarbanes\u2013Oxley Act",
       "reference": "http://en.wikipedia.org/wiki/Sarbanes%E2%80%93Oxley_Act"
     },
     "model": "dojo.regulation",
@@ -581,9 +581,9 @@
     "fields": {
       "acronym": "GLBA",
       "category": "finance",
-      "description": "The Gramm–Leach–Bliley Act (GLBA) is an act of the 106th United States Congress. It repealed part of the Glass–Steagall Act of 1933, removing barriers in the market among banking companies, securities companies and insurance companies that prohibited any one institution from acting as any combination of an investment bank, a commercial bank, and an insurance company. With the bipartisan passage of the Gramm–Leach–Bliley Act, commercial banks, investment banks, securities firms, and insurance companies were allowed to consolidate. Furthermore, it failed to give to the SEC or any other financial regulatory agency the authority to regulate large investment bank holding companies.",
+      "description": "The Gramm\u2013Leach\u2013Bliley Act (GLBA) is an act of the 106th United States Congress. It repealed part of the Glass\u2013Steagall Act of 1933, removing barriers in the market among banking companies, securities companies and insurance companies that prohibited any one institution from acting as any combination of an investment bank, a commercial bank, and an insurance company. With the bipartisan passage of the Gramm\u2013Leach\u2013Bliley Act, commercial banks, investment banks, securities firms, and insurance companies were allowed to consolidate. Furthermore, it failed to give to the SEC or any other financial regulatory agency the authority to regulate large investment bank holding companies.",
       "jurisdiction": "United States",
-      "name": "Gramm–Leach–Bliley Act",
+      "name": "Gramm\u2013Leach\u2013Bliley Act",
       "reference": "http://en.wikipedia.org/wiki/Gramm%E2%80%93Leach%E2%80%93Bliley_Act"
     },
     "model": "dojo.regulation",
@@ -678,7 +678,7 @@
       "acronym": "GDPR",
       "category": "privacy",
       "description": "The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). It also addresses the export of personal data outside the EU and EEA. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.\r\n\r\nSuperseding the Data Protection Directive 95/46/EC, the regulation contains provisions and requirements pertaining to the processing of personally identifiable information of data subjects inside the European Union, and applies to all enterprises, regardless of location, that are doing business with the European Economic Area. Business processes that handle personal data must be built with data protection by design and by default, meaning that personal data must be stored using pseudonymisation or full anonymisation, and use the highest-possible privacy settings by default, so that the data is not available publicly without explicit consent, and cannot be used to identify a subject without additional information stored separately. No personal data may be processed unless it is done under a lawful basis specified by the regulation, or if the data controller or processor has received explicit, opt-in consent from the data's owner. The data owner has the right to revoke this permission at any time.",
-      "jurisdiction": "EU \u0026 EU Data Extra-Territorial Applicability",
+      "jurisdiction": "EU & EU Data Extra-Territorial Applicability",
       "name": "General Data Protection Regulation",
       "reference": "https://www.eugdpr.org/"
     },
@@ -2612,7 +2612,7 @@
       "async_updating": false,
       "business_criticality": "high",
       "created": null,
-      "description": "Accounting software is typically composed of various modules, different sections dealing with particular areas of accounting. Among the most common are:\r\n\r\n**Core modules**\r\n\r\n* Accounts receivable—where the company enters money received\r\n* Accounts payable—where the company enters its bills and pays money it owes\r\n* General ledger—the company's \"books\"\r\n* Billing—where the company produces invoices to clients/customers",
+      "description": "Accounting software is typically composed of various modules, different sections dealing with particular areas of accounting. Among the most common are:\r\n\r\n**Core modules**\r\n\r\n* Accounts receivable\u2014where the company enters money received\r\n* Accounts payable\u2014where the company enters its bills and pays money it owes\r\n* General ledger\u2014the company's \"books\"\r\n* Billing\u2014where the company produces invoices to clients/customers",
       "disable_sla_breach_notifications": false,
       "enable_full_risk_acceptance": true,
       "enable_product_tag_inheritance": false,
@@ -2783,8 +2783,8 @@
       "source_code_management_uri": null,
       "status": "In Progress",
       "tags": [],
-      "target_end": "2021-07-31",
-      "target_start": "2021-07-31",
+      "target_end": "2025-07-01",
+      "target_start": "2025-07-01",
       "test_strategy": null,
       "threat_model": true,
       "tmodel_path": "none",
@@ -2830,8 +2830,8 @@
       "source_code_management_uri": null,
       "status": "Completed",
       "tags": [],
-      "target_end": "2021-07-31",
-      "target_start": "2021-07-31",
+      "target_end": "2025-07-01",
+      "target_start": "2025-07-01",
       "test_strategy": "",
       "threat_model": true,
       "tmodel_path": "none",
@@ -2877,8 +2877,8 @@
       "source_code_management_uri": null,
       "status": "Completed",
       "tags": [],
-      "target_end": "2021-07-23",
-      "target_start": "2021-07-22",
+      "target_end": "2025-06-23",
+      "target_start": "2025-06-22",
       "test_strategy": null,
       "threat_model": true,
       "tmodel_path": "none",
@@ -2924,8 +2924,8 @@
       "source_code_management_uri": null,
       "status": "Completed",
       "tags": [],
-      "target_end": "2021-12-11",
-      "target_start": "2021-12-04",
+      "target_end": "2025-11-11",
+      "target_start": "2025-11-04",
       "test_strategy": "",
       "threat_model": false,
       "tmodel_path": "none",
@@ -2973,8 +2973,8 @@
       "tags": [
         "pci"
       ],
-      "target_end": "2022-02-26",
-      "target_start": "2022-02-19",
+      "target_end": "2026-01-27",
+      "target_start": "2026-01-20",
       "test_strategy": "",
       "threat_model": false,
       "tmodel_path": "none",
@@ -3018,8 +3018,8 @@
       "source_code_management_uri": null,
       "status": "",
       "tags": [],
-      "target_end": "2021-12-04",
-      "target_start": "2021-12-04",
+      "target_end": "2025-11-04",
+      "target_start": "2025-11-04",
       "test_strategy": null,
       "threat_model": true,
       "tmodel_path": "none",
@@ -3065,8 +3065,8 @@
       "source_code_management_uri": null,
       "status": "Not Started",
       "tags": [],
-      "target_end": "2022-01-27",
-      "target_start": "2022-01-20",
+      "target_end": "2025-12-28",
+      "target_start": "2025-12-21",
       "test_strategy": "",
       "threat_model": false,
       "tmodel_path": "none",
@@ -3114,8 +3114,8 @@
       "tags": [
         "pci"
       ],
-      "target_end": "2021-12-05",
-      "target_start": "2021-12-05",
+      "target_end": "2025-11-05",
+      "target_start": "2025-11-05",
       "test_strategy": "",
       "threat_model": false,
       "tmodel_path": "none",
@@ -3161,8 +3161,8 @@
       "source_code_management_uri": null,
       "status": "Blocked",
       "tags": [],
-      "target_end": "2022-02-02",
-      "target_start": "2022-01-30",
+      "target_end": "2026-01-03",
+      "target_start": "2025-12-31",
       "test_strategy": "",
       "threat_model": false,
       "tmodel_path": "none",
@@ -3208,8 +3208,8 @@
       "source_code_management_uri": "https://github.com/psiinon/bodgeit",
       "status": "Completed",
       "tags": [],
-      "target_end": "2021-12-12",
-      "target_start": "2021-12-05",
+      "target_end": "2025-11-12",
+      "target_start": "2025-11-05",
       "test_strategy": null,
       "threat_model": false,
       "tmodel_path": "none",
@@ -3253,8 +3253,8 @@
       "source_code_management_uri": null,
       "status": "In Progress",
       "tags": [],
-      "target_end": "2021-12-05",
-      "target_start": "2021-12-05",
+      "target_end": "2025-11-05",
+      "target_start": "2025-11-05",
       "test_strategy": null,
       "threat_model": false,
       "tmodel_path": "none",
@@ -3331,8 +3331,8 @@
       "percent_complete": 100,
       "scan_type": null,
       "tags": [],
-      "target_end": "2021-03-30T00:00:00Z",
-      "target_start": "2021-03-21T00:00:00Z",
+      "target_end": "2025-02-28T16:39:33Z",
+      "target_start": "2025-02-19T16:39:33Z",
       "test_type": 1,
       "title": null,
       "updated": null,
@@ -3360,8 +3360,8 @@
       "percent_complete": 100,
       "scan_type": null,
       "tags": [],
-      "target_end": "2021-04-22T01:00:00Z",
-      "target_start": "2021-04-21T01:00:00Z",
+      "target_end": "2025-03-23T17:39:33Z",
+      "target_start": "2025-03-22T17:39:33Z",
       "test_type": 1,
       "title": null,
       "updated": null,
@@ -3387,8 +3387,8 @@
       "percent_complete": 100,
       "scan_type": null,
       "tags": [],
-      "target_end": "2021-03-30T00:00:00Z",
-      "target_start": "2021-03-21T00:00:00Z",
+      "target_end": "2025-02-28T16:39:33Z",
+      "target_start": "2025-02-19T16:39:33Z",
       "test_type": 1,
       "title": null,
       "updated": null,
@@ -3416,8 +3416,8 @@
       "percent_complete": 100,
       "scan_type": null,
       "tags": [],
-      "target_end": "2021-12-04T00:00:00Z",
-      "target_start": "2021-12-04T00:00:00Z",
+      "target_end": "2025-11-04T16:39:33Z",
+      "target_start": "2025-11-04T16:39:33Z",
       "test_type": 12,
       "title": null,
       "updated": "2021-12-05T12:52:37.052385054Z",
@@ -3445,8 +3445,8 @@
       "percent_complete": 100,
       "scan_type": null,
       "tags": [],
-      "target_end": "2021-12-04T00:00:00Z",
-      "target_start": "2021-12-04T00:00:00Z",
+      "target_end": "2025-11-04T16:39:33Z",
+      "target_start": "2025-11-04T16:39:33Z",
       "test_type": 12,
       "title": null,
       "updated": "2021-12-05T12:54:31.628385054Z",
@@ -3474,8 +3474,8 @@
       "percent_complete": null,
       "scan_type": null,
       "tags": [],
-      "target_end": "2022-02-24T00:00:00Z",
-      "target_start": "2022-02-19T00:00:00Z",
+      "target_end": "2026-01-25T16:39:33Z",
+      "target_start": "2026-01-20T16:39:33Z",
       "test_type": 21,
       "title": null,
       "updated": "2021-12-05T13:17:40.492385054Z",
@@ -3530,8 +3530,8 @@
       "percent_complete": null,
       "scan_type": null,
       "tags": [],
-      "target_end": "2022-01-27T00:00:00Z",
-      "target_start": "2022-01-20T00:00:00Z",
+      "target_end": "2025-12-28T16:39:33Z",
+      "target_start": "2025-12-21T16:39:33Z",
       "test_type": 1,
       "title": null,
       "updated": "2021-12-05T13:34:15.590385054Z",
@@ -3559,8 +3559,8 @@
       "percent_complete": null,
       "scan_type": null,
       "tags": [],
-      "target_end": "2022-01-27T00:00:00Z",
-      "target_start": "2022-01-20T00:00:00Z",
+      "target_end": "2025-12-28T16:39:33Z",
+      "target_start": "2025-12-21T16:39:33Z",
       "test_type": 19,
       "title": null,
       "updated": "2021-12-05T13:34:29.899385054Z",
@@ -3588,8 +3588,8 @@
       "percent_complete": null,
       "scan_type": null,
       "tags": [],
-      "target_end": "2022-01-27T00:00:00Z",
-      "target_start": "2022-01-20T00:00:00Z",
+      "target_end": "2025-12-28T16:39:33Z",
+      "target_start": "2025-12-21T16:39:33Z",
       "test_type": 17,
       "title": null,
       "updated": "2021-12-05T13:34:48.200385054Z",
@@ -3617,8 +3617,8 @@
       "percent_complete": null,
       "scan_type": null,
       "tags": [],
-      "target_end": "2022-01-27T00:00:00Z",
-      "target_start": "2022-01-20T00:00:00Z",
+      "target_end": "2025-12-28T16:39:33Z",
+      "target_start": "2025-12-21T16:39:33Z",
       "test_type": 11,
       "title": null,
       "updated": "2021-12-05T13:35:08.304385054Z",
@@ -3646,8 +3646,8 @@
       "percent_complete": 100,
       "scan_type": null,
       "tags": [],
-      "target_end": "2021-12-05T00:00:00Z",
-      "target_start": "2021-12-05T00:00:00Z",
+      "target_end": "2025-11-05T16:39:33Z",
+      "target_start": "2025-11-05T16:39:33Z",
       "test_type": 17,
       "title": null,
       "updated": "2021-12-06T10:35:42.303385054Z",
@@ -3675,8 +3675,8 @@
       "percent_complete": 100,
       "scan_type": null,
       "tags": [],
-      "target_end": "2021-12-05T00:00:00Z",
-      "target_start": "2021-12-05T00:00:00Z",
+      "target_end": "2025-11-05T16:39:33Z",
+      "target_start": "2025-11-05T16:39:33Z",
       "test_type": 28,
       "title": null,
       "updated": "2021-12-06T10:37:12.939385054Z",
@@ -3704,8 +3704,8 @@
       "percent_complete": 100,
       "scan_type": null,
       "tags": [],
-      "target_end": "2021-12-05T00:00:00Z",
-      "target_start": "2021-12-05T00:00:00Z",
+      "target_end": "2025-11-05T16:39:33Z",
+      "target_start": "2025-11-05T16:39:33Z",
       "test_type": 9,
       "title": null,
       "updated": "2021-12-06T10:38:24.006385054Z",
@@ -3733,8 +3733,8 @@
       "percent_complete": null,
       "scan_type": null,
       "tags": [],
-      "target_end": "2021-12-12T00:00:00Z",
-      "target_start": "2021-12-05T00:00:00Z",
+      "target_end": "2025-11-12T16:39:33Z",
+      "target_start": "2025-11-05T16:39:33Z",
       "test_type": 29,
       "title": null,
       "updated": "2021-12-06T10:45:30.478385054Z",
@@ -3762,8 +3762,8 @@
       "percent_complete": null,
       "scan_type": null,
       "tags": [],
-      "target_end": "2021-12-12T00:00:00Z",
-      "target_start": "2021-12-05T00:00:00Z",
+      "target_end": "2025-11-12T16:39:33Z",
+      "target_start": "2025-11-05T16:39:33Z",
       "test_type": 3,
       "title": null,
       "updated": "2021-12-06T10:45:41.988385054Z",
@@ -3791,8 +3791,8 @@
       "percent_complete": 100,
       "scan_type": null,
       "tags": [],
-      "target_end": "2021-12-05T00:00:00Z",
-      "target_start": "2021-12-05T00:00:00Z",
+      "target_end": "2025-11-05T16:39:33Z",
+      "target_start": "2025-11-05T16:39:33Z",
       "test_type": 30,
       "title": null,
       "updated": "2021-12-06T10:58:24.523385054Z",
@@ -3820,8 +3820,8 @@
       "percent_complete": 100,
       "scan_type": null,
       "tags": [],
-      "target_end": "2021-12-05T00:00:00Z",
-      "target_start": "2021-12-05T00:00:00Z",
+      "target_end": "2025-11-05T16:39:33Z",
+      "target_start": "2025-11-05T16:39:33Z",
       "test_type": 9,
       "title": null,
       "updated": "2021-12-06T14:34:11.974385054Z",
@@ -3842,7 +3842,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": null,
-      "date": "2021-04-21",
+      "date": "2025-03-22",
       "defect_review_requested_by": [
         "admin"
       ],
@@ -3901,7 +3901,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2021-05-21",
+      "sla_expiration_date": "2025-04-21",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -3933,7 +3933,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": null,
-      "date": "2021-04-21",
+      "date": "2025-03-22",
       "defect_review_requested_by": [
         "admin"
       ],
@@ -3992,7 +3992,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2021-05-21",
+      "sla_expiration_date": "2025-04-21",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -4024,7 +4024,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": null,
-      "date": "2021-04-21",
+      "date": "2025-03-22",
       "defect_review_requested_by": [
         "admin"
       ],
@@ -4083,7 +4083,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2021-05-21",
+      "sla_expiration_date": "2025-04-21",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -4115,7 +4115,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": null,
-      "date": "2021-04-21",
+      "date": "2025-03-22",
       "defect_review_requested_by": [
         "admin"
       ],
@@ -4174,7 +4174,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2021-05-21",
+      "sla_expiration_date": "2025-04-21",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -4206,7 +4206,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": null,
-      "date": "2021-04-21",
+      "date": "2025-03-22",
       "defect_review_requested_by": [
         "admin"
       ],
@@ -4265,7 +4265,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2021-05-21",
+      "sla_expiration_date": "2025-04-21",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -4297,7 +4297,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 1,
-      "date": "2021-04-20",
+      "date": "2025-03-21",
       "defect_review_requested_by": [
         "product_manager"
       ],
@@ -4356,7 +4356,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2021-05-20",
+      "sla_expiration_date": "2025-04-20",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -4388,9 +4388,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -4445,7 +4445,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -4477,9 +4477,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -4534,7 +4534,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -4566,9 +4566,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 829,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84)\n\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -4623,7 +4623,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -4655,9 +4655,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -4712,7 +4712,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -4744,9 +4744,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -4801,7 +4801,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -4833,9 +4833,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -4890,7 +4890,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -4922,9 +4922,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 10706,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -4979,7 +4979,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5011,9 +5011,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5068,7 +5068,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5100,9 +5100,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5157,7 +5157,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5189,9 +5189,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 330,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n",
+      "description": "**Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5246,7 +5246,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5278,9 +5278,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5335,7 +5335,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5367,9 +5367,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5424,7 +5424,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5456,9 +5456,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\u003c/a\u003e\u003c/td\u003e\u003ctd\u003e\" + type + \"\u003c/td\u003e\u003ctd align=\\\"right\\\"\u003e\" + nf.format(price) + \"\u003c/td\u003e\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"</a></td><td>\" + type + \"</td><td align=\\\"right\\\">\" + nf.format(price) + \"</td>\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5513,7 +5513,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5545,9 +5545,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 329,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5602,7 +5602,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5634,9 +5634,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 182,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5691,7 +5691,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5723,9 +5723,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 646,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5780,7 +5780,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5812,9 +5812,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5869,7 +5869,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5901,9 +5901,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -5958,7 +5958,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -5990,9 +5990,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 244,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6047,7 +6047,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6079,9 +6079,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 338,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6136,7 +6136,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6168,9 +6168,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 501,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6225,7 +6225,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6257,9 +6257,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\u003cbr/\u003e\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\u003cbr/\u003e\" + e);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.<br/>\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.<br/>\" + e);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6314,7 +6314,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6346,9 +6346,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 784,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6403,7 +6403,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6435,9 +6435,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6492,7 +6492,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6524,9 +6524,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6581,7 +6581,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6613,9 +6613,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6670,7 +6670,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6702,9 +6702,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6759,7 +6759,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6791,9 +6791,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 10706,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6848,7 +6848,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6880,9 +6880,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -6937,7 +6937,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -6969,9 +6969,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 614,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7026,7 +7026,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7058,9 +7058,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7115,7 +7115,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7147,9 +7147,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** \u003ctd\u003e\u003c%=username%\u003e\u003c/td\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** <td><%=username%></td>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7204,7 +7204,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7236,9 +7236,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7293,7 +7293,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7325,9 +7325,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7382,7 +7382,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7414,9 +7414,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7471,7 +7471,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7503,9 +7503,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7560,7 +7560,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7592,9 +7592,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7649,7 +7649,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7681,9 +7681,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7738,7 +7738,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7770,9 +7770,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7827,7 +7827,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7859,9 +7859,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -7916,7 +7916,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -7948,9 +7948,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 315,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8005,7 +8005,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8037,9 +8037,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8094,7 +8094,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8126,9 +8126,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8183,7 +8183,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8215,9 +8215,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getInt(\"userid\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"name\") +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"<td>\" + rs.getInt(\"userid\") + \"</td><td>\" + rs.getString(\"name\") +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8272,7 +8272,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8304,9 +8304,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8361,7 +8361,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8393,9 +8393,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8450,7 +8450,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8482,9 +8482,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 244,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8539,7 +8539,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8571,9 +8571,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8628,7 +8628,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8660,9 +8660,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 384,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8717,7 +8717,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8749,9 +8749,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\u003c/TD\u003e\u003cTD\u003e\" + rs.getString(\"PRICE\") + \"\u003c/TD\u003e\u003c/TR\u003e\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\u003c/TD\u003e\u003cTD\u003e\" + rs.getString(\"PRICE\") + \"\u003c/TD\u003e\u003c/TR\u003e\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\u003cTR\u003e\u003cTD\u003e\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\u003cTR\u003e\u003cTD\u003e\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** \u003c%= output %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"</TD><TD>\" + rs.getString(\"PRICE\") + \"</TD></TR>\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"</TD><TD>\" + rs.getString(\"PRICE\") + \"</TD></TR>\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"<TR><TD>\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"<TR><TD>\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** <%= output %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8806,7 +8806,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8838,9 +8838,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8895,7 +8895,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -8927,9 +8927,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -8984,7 +8984,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9016,9 +9016,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9073,7 +9073,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9105,9 +9105,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 10706,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9162,7 +9162,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9194,9 +9194,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9251,7 +9251,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9283,9 +9283,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\u003c/a\u003e\u003c/td\u003e\u003ctd\u003e\" + type + \"\u003c/td\u003e\u003ctd align=\\\"right\\\"\u003e\" + nf.format(price) + \"\u003c/td\u003e\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"</a></td><td>\" + type + \"</td><td align=\\\"right\\\">\" + nf.format(price) + \"</td>\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9340,7 +9340,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9372,9 +9372,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9429,7 +9429,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9461,9 +9461,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9518,7 +9518,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9550,9 +9550,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9607,7 +9607,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9639,9 +9639,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9696,7 +9696,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9728,9 +9728,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9785,7 +9785,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9817,9 +9817,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9874,7 +9874,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9906,9 +9906,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 362,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\u003ctd align=\\\"right\\\"\u003e\" + nf.format(pricetopay) + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"<td align=\\\"right\\\">\" + nf.format(pricetopay) + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -9963,7 +9963,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -9995,9 +9995,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10052,7 +10052,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10084,9 +10084,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10141,7 +10141,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10173,9 +10173,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \u003cinput type=\"hidden\" id=\"user\" name=\"\u003c%=username%\u003e\" value=\"\"/\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** <input type=\"hidden\" id=\"user\" name=\"<%=username%>\" value=\"\"/>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10230,7 +10230,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10262,9 +10262,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 338,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10319,7 +10319,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10351,9 +10351,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10408,7 +10408,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10440,9 +10440,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10497,7 +10497,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10529,9 +10529,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10586,7 +10586,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10618,9 +10618,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10675,7 +10675,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10707,9 +10707,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10764,7 +10764,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10796,9 +10796,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 601,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** \u003ca href=\"javascript:window.location=window.location.href\"\u003eNew Search\u003c/a\u003e\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** \u003ca href=\"javascript:window.location=window.location.href\"\u003eNew Search\u003c/a\u003e\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** <a href=\"javascript:window.location=window.location.href\">New Search</a>\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** <a href=\"javascript:window.location=window.location.href\">New Search</a>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10853,7 +10853,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10885,9 +10885,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -10942,7 +10942,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -10974,9 +10974,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11031,7 +11031,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11063,9 +11063,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 330,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11120,7 +11120,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11152,9 +11152,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 829,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \u003c?xml version=\"1.0\" encoding=\"ISO-8859-1\"?\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** <?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11209,7 +11209,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11241,9 +11241,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"\u003cscript\u003ealert(\\\"xss\\\")\u003c/script\u003e\") \u003e= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** \u003cb\u003eYou searched for:\u003c/b\u003e \u003c%= query %\u003e\u003cbr/\u003e\u003cbr/\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"<script>alert(\\\"xss\\\")</script>\") >= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** <b>You searched for:</b> <%= query %><br/><br/>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11298,7 +11298,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11330,9 +11330,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 614,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11387,7 +11387,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11419,9 +11419,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11476,7 +11476,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11508,9 +11508,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 321,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11565,7 +11565,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11597,9 +11597,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 784,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11654,7 +11654,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11686,9 +11686,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"name\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"comment\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"name\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"comment\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"name\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"comment\") + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"<td>\" + rs.getString(\"name\") + \"</td><td>\" + rs.getString(\"comment\") + \"</td>\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"<td>\" + rs.getString(\"name\") + \"</td><td>\" + rs.getString(\"comment\") + \"</td>\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"<td>\" + rs.getString(\"name\") + \"</td><td>\" + rs.getString(\"comment\") + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11743,7 +11743,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11775,9 +11775,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getInt(\"userid\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"name\") +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"<td>\" + rs.getInt(\"userid\") + \"</td><td>\" + rs.getString(\"name\") +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11832,7 +11832,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11864,9 +11864,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 244,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -11921,7 +11921,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -11953,9 +11953,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12010,7 +12010,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12042,9 +12042,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") \u003e= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") >= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12099,7 +12099,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12131,9 +12131,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12188,7 +12188,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12220,9 +12220,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \u003ca href=\\\"password.jsp\\\"\u003e\" + username + \"\u003c/a\u003e\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \u003ca href=\\\"password.jsp\\\"\u003e\" + username + \"\u003c/a\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: <a href=\\\"password.jsp\\\">\" + username + \"</a>\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: <a href=\\\"password.jsp\\\">\" + username + \"</a>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12277,7 +12277,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12309,9 +12309,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12366,7 +12366,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12398,9 +12398,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 10706,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \u003c?xml version=\"1.0\" encoding=\"ISO-8859-1\"?\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** <?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12455,7 +12455,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12487,9 +12487,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 321,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12544,7 +12544,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12576,9 +12576,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12633,7 +12633,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12665,9 +12665,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12722,7 +12722,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12754,9 +12754,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12811,7 +12811,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12843,9 +12843,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12900,7 +12900,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -12932,9 +12932,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -12989,7 +12989,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13021,9 +13021,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13078,7 +13078,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13110,9 +13110,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13167,7 +13167,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13199,9 +13199,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13256,7 +13256,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13288,9 +13288,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13345,7 +13345,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13377,9 +13377,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 784,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13434,7 +13434,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13466,9 +13466,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13523,7 +13523,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13555,9 +13555,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 567,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13612,7 +13612,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13644,9 +13644,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13701,7 +13701,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13733,9 +13733,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13790,7 +13790,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13822,9 +13822,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13879,7 +13879,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -13911,9 +13911,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 384,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -13968,7 +13968,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14000,9 +14000,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14057,7 +14057,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14089,9 +14089,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14146,7 +14146,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14178,9 +14178,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14235,7 +14235,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14267,9 +14267,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14324,7 +14324,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14356,9 +14356,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14413,7 +14413,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14445,9 +14445,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14502,7 +14502,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14534,9 +14534,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14591,7 +14591,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14623,9 +14623,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14680,7 +14680,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14712,9 +14712,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14769,7 +14769,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14801,9 +14801,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 330,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14858,7 +14858,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14890,9 +14890,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \u003cinput type=\"hidden\" id=\"user\" name=\"\u003c%=username%\u003e\" value=\"\"/\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** <input type=\"hidden\" id=\"user\" name=\"<%=username%>\" value=\"\"/>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -14947,7 +14947,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -14979,9 +14979,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 10706,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15036,7 +15036,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15068,9 +15068,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 614,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15125,7 +15125,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15157,9 +15157,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15214,7 +15214,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15246,9 +15246,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 362,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\u003c/td\u003e\u003c/td\u003e\u003ctd align=\\\"right\\\"\u003e\" + nf.format(price) + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"</td></td><td align=\\\"right\\\">\" + nf.format(price) + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15303,7 +15303,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15335,9 +15335,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15392,7 +15392,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15424,9 +15424,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15481,7 +15481,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15513,9 +15513,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 244,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15570,7 +15570,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15602,9 +15602,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15659,7 +15659,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15691,9 +15691,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15748,7 +15748,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15780,9 +15780,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15837,7 +15837,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15869,9 +15869,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 352,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -15926,7 +15926,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -15958,9 +15958,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16015,7 +16015,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16047,9 +16047,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16104,7 +16104,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16136,9 +16136,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16193,7 +16193,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16225,9 +16225,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16282,7 +16282,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16314,9 +16314,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 829,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84)\n\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16371,7 +16371,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16403,9 +16403,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16460,7 +16460,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16492,9 +16492,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16549,7 +16549,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16581,9 +16581,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16638,7 +16638,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16670,9 +16670,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 10706,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16727,7 +16727,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16759,9 +16759,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16816,7 +16816,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16848,9 +16848,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16905,7 +16905,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -16937,9 +16937,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 330,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n",
+      "description": "**Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -16994,7 +16994,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17026,9 +17026,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17083,7 +17083,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17115,9 +17115,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17172,7 +17172,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17204,9 +17204,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\u003c/a\u003e\u003c/td\u003e\u003ctd\u003e\" + type + \"\u003c/td\u003e\u003ctd align=\\\"right\\\"\u003e\" + nf.format(price) + \"\u003c/td\u003e\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"</a></td><td>\" + type + \"</td><td align=\\\"right\\\">\" + nf.format(price) + \"</td>\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17261,7 +17261,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17293,9 +17293,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 329,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17350,7 +17350,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17382,9 +17382,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 182,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17439,7 +17439,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17471,9 +17471,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 646,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17528,7 +17528,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17560,9 +17560,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17617,7 +17617,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17649,9 +17649,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17706,7 +17706,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17738,9 +17738,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 244,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17795,7 +17795,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17827,9 +17827,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 338,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17884,7 +17884,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -17916,9 +17916,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 501,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -17973,7 +17973,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18005,9 +18005,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\u003cbr/\u003e\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\u003cbr/\u003e\" + e);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.<br/>\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.<br/>\" + e);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18062,7 +18062,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18094,9 +18094,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 784,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18151,7 +18151,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18183,9 +18183,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18240,7 +18240,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18272,9 +18272,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18329,7 +18329,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18361,9 +18361,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18418,7 +18418,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18450,9 +18450,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18507,7 +18507,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18539,9 +18539,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 10706,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18596,7 +18596,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18628,9 +18628,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18685,7 +18685,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18717,9 +18717,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 614,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18774,7 +18774,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18806,9 +18806,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18863,7 +18863,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18895,9 +18895,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** \u003ctd\u003e\u003c%=username%\u003e\u003c/td\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** <td><%=username%></td>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -18952,7 +18952,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -18984,9 +18984,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19041,7 +19041,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19073,9 +19073,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19130,7 +19130,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19162,9 +19162,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19219,7 +19219,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19251,9 +19251,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19308,7 +19308,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19340,9 +19340,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19397,7 +19397,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19429,9 +19429,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19486,7 +19486,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19518,9 +19518,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19575,7 +19575,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19607,9 +19607,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19664,7 +19664,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19696,9 +19696,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 315,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19753,7 +19753,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19785,9 +19785,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19842,7 +19842,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19874,9 +19874,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -19931,7 +19931,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -19963,9 +19963,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getInt(\"userid\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"name\") +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"<td>\" + rs.getInt(\"userid\") + \"</td><td>\" + rs.getString(\"name\") +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20020,7 +20020,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20052,9 +20052,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20109,7 +20109,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20141,9 +20141,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20198,7 +20198,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20230,9 +20230,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 244,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20287,7 +20287,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20319,9 +20319,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20376,7 +20376,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20408,9 +20408,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 384,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20465,7 +20465,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20497,9 +20497,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\u003c/TD\u003e\u003cTD\u003e\" + rs.getString(\"PRICE\") + \"\u003c/TD\u003e\u003c/TR\u003e\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\u003c/TD\u003e\u003cTD\u003e\" + rs.getString(\"PRICE\") + \"\u003c/TD\u003e\u003c/TR\u003e\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\u003cTR\u003e\u003cTD\u003e\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\u003cTR\u003e\u003cTD\u003e\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** \u003c%= output %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"</TD><TD>\" + rs.getString(\"PRICE\") + \"</TD></TR>\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"</TD><TD>\" + rs.getString(\"PRICE\") + \"</TD></TR>\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"<TR><TD>\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"<TR><TD>\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** <%= output %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20554,7 +20554,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20586,9 +20586,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20643,7 +20643,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20675,9 +20675,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20732,7 +20732,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20764,9 +20764,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20821,7 +20821,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20853,9 +20853,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 10706,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20910,7 +20910,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -20942,9 +20942,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -20999,7 +20999,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21031,9 +21031,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\u003c/a\u003e\u003c/td\u003e\u003ctd\u003e\" + type + \"\u003c/td\u003e\u003ctd align=\\\"right\\\"\u003e\" + nf.format(price) + \"\u003c/td\u003e\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"</a></td><td>\" + type + \"</td><td align=\\\"right\\\">\" + nf.format(price) + \"</td>\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21088,7 +21088,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21120,9 +21120,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21177,7 +21177,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21209,9 +21209,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21266,7 +21266,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21298,9 +21298,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21355,7 +21355,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21387,9 +21387,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21444,7 +21444,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21476,9 +21476,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21533,7 +21533,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21565,9 +21565,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21622,7 +21622,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21654,9 +21654,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 362,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\u003ctd align=\\\"right\\\"\u003e\" + nf.format(pricetopay) + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"<td align=\\\"right\\\">\" + nf.format(pricetopay) + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21711,7 +21711,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21743,9 +21743,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21800,7 +21800,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21832,9 +21832,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21889,7 +21889,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -21921,9 +21921,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \u003cinput type=\"hidden\" id=\"user\" name=\"\u003c%=username%\u003e\" value=\"\"/\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** <input type=\"hidden\" id=\"user\" name=\"<%=username%>\" value=\"\"/>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -21978,7 +21978,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22010,9 +22010,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 338,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22067,7 +22067,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22099,9 +22099,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22156,7 +22156,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22188,9 +22188,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22245,7 +22245,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22277,9 +22277,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22334,7 +22334,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22366,9 +22366,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22423,7 +22423,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22455,9 +22455,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22512,7 +22512,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22544,9 +22544,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 601,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** \u003ca href=\"javascript:window.location=window.location.href\"\u003eNew Search\u003c/a\u003e\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** \u003ca href=\"javascript:window.location=window.location.href\"\u003eNew Search\u003c/a\u003e\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** <a href=\"javascript:window.location=window.location.href\">New Search</a>\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** <a href=\"javascript:window.location=window.location.href\">New Search</a>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22601,7 +22601,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22633,9 +22633,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22690,7 +22690,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22722,9 +22722,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22779,7 +22779,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22811,9 +22811,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 330,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22868,7 +22868,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22900,9 +22900,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 829,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \u003c?xml version=\"1.0\" encoding=\"ISO-8859-1\"?\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** <?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -22957,7 +22957,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -22989,9 +22989,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"\u003cscript\u003ealert(\\\"xss\\\")\u003c/script\u003e\") \u003e= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** \u003cb\u003eYou searched for:\u003c/b\u003e \u003c%= query %\u003e\u003cbr/\u003e\u003cbr/\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"<script>alert(\\\"xss\\\")</script>\") >= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** <b>You searched for:</b> <%= query %><br/><br/>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23046,7 +23046,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23078,9 +23078,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 614,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23135,7 +23135,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23167,9 +23167,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23224,7 +23224,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23256,9 +23256,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 321,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23313,7 +23313,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23345,9 +23345,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 784,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23402,7 +23402,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23434,9 +23434,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"name\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"comment\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"name\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"comment\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"name\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"comment\") + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"<td>\" + rs.getString(\"name\") + \"</td><td>\" + rs.getString(\"comment\") + \"</td>\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"<td>\" + rs.getString(\"name\") + \"</td><td>\" + rs.getString(\"comment\") + \"</td>\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"<td>\" + rs.getString(\"name\") + \"</td><td>\" + rs.getString(\"comment\") + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23491,7 +23491,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23523,9 +23523,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getInt(\"userid\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"name\") +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"<td>\" + rs.getInt(\"userid\") + \"</td><td>\" + rs.getString(\"name\") +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23580,7 +23580,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23612,9 +23612,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 244,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23669,7 +23669,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23701,9 +23701,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23758,7 +23758,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23790,9 +23790,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") \u003e= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") >= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23847,7 +23847,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23879,9 +23879,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -23936,7 +23936,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -23968,9 +23968,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \u003ca href=\\\"password.jsp\\\"\u003e\" + username + \"\u003c/a\u003e\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \u003ca href=\\\"password.jsp\\\"\u003e\" + username + \"\u003c/a\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: <a href=\\\"password.jsp\\\">\" + username + \"</a>\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: <a href=\\\"password.jsp\\\">\" + username + \"</a>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24025,7 +24025,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24057,9 +24057,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24114,7 +24114,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24146,9 +24146,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 10706,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \u003c?xml version=\"1.0\" encoding=\"ISO-8859-1\"?\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** <?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24203,7 +24203,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24235,9 +24235,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 321,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24292,7 +24292,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24324,9 +24324,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24381,7 +24381,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24413,9 +24413,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24470,7 +24470,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24502,9 +24502,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24559,7 +24559,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24591,9 +24591,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24648,7 +24648,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24680,9 +24680,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24737,7 +24737,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24769,9 +24769,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24826,7 +24826,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24858,9 +24858,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -24915,7 +24915,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -24947,9 +24947,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25004,7 +25004,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25036,9 +25036,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25093,7 +25093,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25125,9 +25125,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 784,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25182,7 +25182,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25214,9 +25214,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25271,7 +25271,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25303,9 +25303,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 567,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25360,7 +25360,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25392,9 +25392,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25449,7 +25449,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25481,9 +25481,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25538,7 +25538,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25570,9 +25570,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25627,7 +25627,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25659,9 +25659,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 384,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25716,7 +25716,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25748,9 +25748,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25805,7 +25805,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25837,9 +25837,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25894,7 +25894,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -25926,9 +25926,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -25983,7 +25983,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26015,9 +26015,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -26072,7 +26072,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26104,9 +26104,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -26161,7 +26161,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26193,9 +26193,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -26250,7 +26250,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26282,9 +26282,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -26339,7 +26339,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26371,9 +26371,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -26428,7 +26428,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26460,9 +26460,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -26517,7 +26517,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26549,9 +26549,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 330,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -26606,7 +26606,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26638,9 +26638,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \u003cinput type=\"hidden\" id=\"user\" name=\"\u003c%=username%\u003e\" value=\"\"/\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** <input type=\"hidden\" id=\"user\" name=\"<%=username%>\" value=\"\"/>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -26695,7 +26695,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26727,9 +26727,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 10706,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -26784,7 +26784,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26816,9 +26816,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 614,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -26873,7 +26873,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26905,9 +26905,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -26962,7 +26962,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -26994,9 +26994,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 362,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\u003c/td\u003e\u003c/td\u003e\u003ctd align=\\\"right\\\"\u003e\" + nf.format(price) + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"</td></td><td align=\\\"right\\\">\" + nf.format(price) + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -27051,7 +27051,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -27083,9 +27083,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -27140,7 +27140,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -27172,9 +27172,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -27229,7 +27229,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -27261,9 +27261,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 244,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -27318,7 +27318,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -27350,9 +27350,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -27407,7 +27407,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -27439,9 +27439,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -27496,7 +27496,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -27528,9 +27528,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -27585,7 +27585,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -27617,9 +27617,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 352,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -27674,7 +27674,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -27706,9 +27706,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -27763,7 +27763,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -27795,9 +27795,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -27852,7 +27852,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -27884,9 +27884,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=288](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=288)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=289](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=289)\n\n**Line Number:** 1\n**Column:** 680\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=288](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=288)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=289](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=289)\n\n**Line Number:** 1\n**Column:** 680\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -27941,7 +27941,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -27973,9 +27973,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=121](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=121)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=122](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=122)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=123](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=123)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=124](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=124)\n\n**Line Number:** 12\n**Column:** 383\n**Source Object:** execute\n**Number:** 12\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_ADMIN'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=121](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=121)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=122](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=122)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=123](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=123)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=124](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=124)\n\n**Line Number:** 12\n**Column:** 383\n**Source Object:** execute\n**Number:** 12\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_ADMIN'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -28030,7 +28030,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -28062,9 +28062,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 338,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=14](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=14)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=14](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=14)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -28119,7 +28119,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -28151,9 +28151,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=463](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=463)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=464](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=464)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=465](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=465)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=466](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=466)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=467](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=467)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=468](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=468)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=469](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=469)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=470](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=470)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=471](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=471)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=472](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=472)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=473](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=473)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=474](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=474)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=475](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=475)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=476](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=476)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=477](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=477)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=478](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=478)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=479](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=479)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=480](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=480)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=481](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=481)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=482](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=482)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=483](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=483)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=484](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=484)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=485](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=485)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=486](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=486)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=487](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=487)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=488](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=488)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=489](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=489)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=490](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=490)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=491](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=491)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=492](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=492)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=493](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=493)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=494](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=494)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=495](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=495)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=496](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=496)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=497](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=497)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=498](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=498)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=499](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=499)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=500](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=500)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=501](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=501)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=502](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=502)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=503](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=503)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=504](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=504)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=505](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=505)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=506](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=506)\n\n**Line Number:** 24\n**Column:** 377\n**Source Object:** conn\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 398\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 370\n**Source Object:** stmt\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 27\n**Column:** 353\n**Source Object:** stmt\n**Number:** 27\n**Code:** stmt.setString(1, username);\n-----\n**Line Number:** 28\n**Column:** 353\n**Source Object:** stmt\n**Number:** 28\n**Code:** stmt.setString(2, comments);\n-----\n**Line Number:** 29\n**Column:** 365\n**Source Object:** execute\n**Number:** 29\n**Code:** stmt.execute();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=463](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=463)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=464](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=464)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=465](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=465)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=466](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=466)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=467](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=467)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=468](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=468)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=469](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=469)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=470](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=470)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=471](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=471)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=472](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=472)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=473](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=473)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=474](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=474)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=475](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=475)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=476](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=476)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=477](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=477)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=478](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=478)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=479](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=479)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=480](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=480)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=481](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=481)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=482](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=482)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=483](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=483)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=484](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=484)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=485](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=485)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=486](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=486)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=487](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=487)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=488](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=488)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=489](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=489)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=490](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=490)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=491](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=491)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=492](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=492)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=493](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=493)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=494](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=494)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=495](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=495)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=496](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=496)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=497](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=497)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=498](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=498)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=499](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=499)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=500](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=500)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=501](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=501)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=502](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=502)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=503](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=503)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=504](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=504)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=505](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=505)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=506](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=506)\n\n**Line Number:** 24\n**Column:** 377\n**Source Object:** conn\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 398\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 370\n**Source Object:** stmt\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 27\n**Column:** 353\n**Source Object:** stmt\n**Number:** 27\n**Code:** stmt.setString(1, username);\n-----\n**Line Number:** 28\n**Column:** 353\n**Source Object:** stmt\n**Number:** 28\n**Code:** stmt.setString(2, comments);\n-----\n**Line Number:** 29\n**Column:** 365\n**Source Object:** execute\n**Number:** 29\n**Code:** stmt.execute();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -28208,7 +28208,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -28240,9 +28240,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=333](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=333)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=333](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=333)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -28297,7 +28297,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -28329,9 +28329,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 330,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=23](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=23)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=23](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=23)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -28386,7 +28386,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -28418,9 +28418,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=339](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=339)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=339](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=339)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -28475,7 +28475,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -28507,7 +28507,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": null,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "asdf",
       "duplicate": false,
@@ -28594,7 +28594,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 1035,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer\n\nStack-based buffer overflow in LexRuby.cxx (SciLexer.dll) in Scintilla 1.73, as used by notepad++ 4.1.1 and earlier, allows user-assisted remote attackers to execute arbitrary code via certain Ruby (.rb) files with long lines.  NOTE: this was originally reported as a vulnerability in notepad++.",
       "duplicate": false,
@@ -28651,7 +28651,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-01-03",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -28683,7 +28683,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 1035,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')\n\nThe GUP generic update process in Notepad++ before 4.8.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.",
       "duplicate": false,
@@ -28740,7 +28740,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-01-03",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -28772,7 +28772,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\Account\\ViewAccountInfo.aspx.cs\nLine: 22\nCodeLine: ContactName is being repurposed as the foreign key to the user table.  Kludgey, I know.\n",
       "duplicate": false,
@@ -28861,7 +28861,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Medium\nDescription: The application is configured to return .NET debug information. This can provide an attacker with useful information and should not be used in a live application.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\Web.config\nLine: 25\n",
       "duplicate": false,
@@ -28918,7 +28918,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -28950,7 +28950,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Standard\nDescription: The URL used in the HTTP request appears to be loaded from a variable. Check the code manually to ensure that malicious URLs cannot be submitted by an attacker.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\PackageTracking.aspx.cs\nLine: 72\nCodeLine:             Response.Redirect(Order.GetPackageTrackingUrl(_carrier, _trackingNumber));\n",
       "duplicate": false,
@@ -29007,7 +29007,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -29039,7 +29039,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\XtremelyEvilWebApp\\StealCookies.aspx.cs\nLine: 19\nCodeLine: TODO: Mail the cookie in real time.\n",
       "duplicate": false,
@@ -29128,7 +29128,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\Infrastructure\\CustomerRepository.cs\nLine: 41\nCodeLine: TODO: Add try/catch logic\n",
       "duplicate": false,
@@ -29217,7 +29217,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\Infrastructure\\ShipperRepository.cs\nLine: 37\nCodeLine: / TODO: Use the check digit algorithms to make it realistic.\n",
       "duplicate": false,
@@ -29306,7 +29306,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Medium\nDescription: The application is configured to return .NET debug information. This can provide an attacker with useful information and should not be used in a live application.\nFileName: C:\\Projects\\WebGoat.Net\\XtremelyEvilWebApp\\Web.config\nLine: 6\n",
       "duplicate": false,
@@ -29363,7 +29363,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -29395,7 +29395,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\Product.aspx.cs\nLine: 58\nCodeLine: TODO: Put this in try/catch as well\n",
       "duplicate": false,
@@ -29484,7 +29484,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\Checkout\\Checkout.aspx.cs\nLine: 145\nCodeLine: TODO: Uncommenting this line causes EF to throw exception when creating the order.\n",
       "duplicate": false,
@@ -29573,7 +29573,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\Core\\Order.cs\nLine: 27\nCodeLine: TODO: Shipments and Payments should be singular.  Like customer.\n",
       "duplicate": false,
@@ -29662,7 +29662,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Standard\nDescription: The URL used in the HTTP request appears to be loaded from a variable. Check the code manually to ensure that malicious URLs cannot be submitted by an attacker.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\Account\\Register.aspx.cs\nLine: 35\nCodeLine:             Response.Redirect(continueUrl);\n",
       "duplicate": false,
@@ -29719,7 +29719,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -29751,7 +29751,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\Infrastructure\\BlogResponseRepository.cs\nLine: 18\nCodeLine: TODO: should put this in a try/catch\n",
       "duplicate": false,
@@ -29840,7 +29840,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\Infrastructure\\BlogEntryRepository.cs\nLine: 18\nCodeLine: TODO: should put this in a try/catch\n",
       "duplicate": false,
@@ -29929,7 +29929,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Standard\nDescription: The URL used in the HTTP request appears to be loaded from a variable. Check the code manually to ensure that malicious URLs cannot be submitted by an attacker.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\PackageTracking.aspx.cs\nLine: 25\nCodeLine:                     Response.Redirect(Order.GetPackageTrackingUrl(_carrier, _trackingNumber));\n",
       "duplicate": false,
@@ -29986,7 +29986,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -30018,7 +30018,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\Core\\Cart.cs\nLine: 16\nCodeLine: TODO: Refactor this. Use LINQ with aggregation to get SUM.\n",
       "duplicate": false,
@@ -30107,7 +30107,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\Core\\Cart.cs\nLine: 41\nCodeLine: TODO: Add ability to delete an orderDetail and to change quantities.\n",
       "duplicate": false,
@@ -30196,7 +30196,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\Product.aspx.cs\nLine: 59\nCodeLine: TODO: Feels like this is too much business logic.  Should be moved to OrderDetail constructor?\n",
       "duplicate": false,
@@ -30285,7 +30285,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\Checkout\\Checkout.aspx.cs\nLine: 102\nCodeLine: TODO: Throws an error if we don't set the date. Try to set it to null or something.\n",
       "duplicate": false,
@@ -30374,7 +30374,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/password.jsp\n\nThe page contains a form with the following action URL:\n\n  * http://localhost:8888/bodgeit/password.jsp\n\nThe form contains the following password fields with autocomplete enabled:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe page contains a form with the following action URL:\n\n  * http://localhost:8888/bodgeit/register.jsp\n\nThe form contains the following password fields with autocomplete enabled:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe page contains a form with the following action URL:\n\n  * http://localhost:8888/bodgeit/login.jsp\n\nThe form contains the following password field with autocomplete enabled:\n  * password\n\n\n\n",
       "duplicate": false,
@@ -30431,7 +30431,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -30463,7 +30463,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/logout.jsp\n\n\nURL: http://localhost:8888/\n\n\nURL: http://localhost:8888/bodgeit/search.jsp\n\n\nURL: http://localhost:8888/bodgeit/score.jsp\n\n\nURL: http://localhost:8888/bodgeit/product.jsp\n\n\nURL: http://localhost:8888/bodgeit/password.jsp\n\n\nURL: http://localhost:8888/bodgeit/home.jsp\n\n\nURL: http://localhost:8888/bodgeit/contact.jsp\n\n\nURL: http://localhost:8888/bodgeit/about.jsp\n\n\nURL: http://localhost:8888/bodgeit/admin.jsp\n\n\nURL: http://localhost:8888/bodgeit/advanced.jsp\n\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\n\nURL: http://localhost:8888/bodgeit/\n\n\n",
       "duplicate": false,
@@ -30552,9 +30552,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
-      "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto \u003cscript\u003ealert(1)\u003c/script\u003enwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 \u003cscript\u003ealert(1)\u003c/script\u003ejledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n",
+      "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto <script>alert(1)</script>nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 <script>alert(1)</script>jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": true,
@@ -30583,7 +30583,7 @@
       "line": null,
       "mitigated": null,
       "mitigated_by": null,
-      "mitigation": "\n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including \u003c \u003e \" ' and =, should be replaced with the corresponding HTML entities (\u0026lt; \u0026gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n",
+      "mitigation": "\n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > \" ' and =, should be replaced with the corresponding HTML entities (&lt; &gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n",
       "nb_occurences": null,
       "notes": [],
       "numerical_severity": "S1",
@@ -30609,7 +30609,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-01-03",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -30641,7 +30641,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/\n\n\n",
       "duplicate": false,
@@ -30698,7 +30698,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -30730,7 +30730,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\n\n",
       "duplicate": false,
@@ -30787,7 +30787,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -30819,7 +30819,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/score.jsp\n\nThe following email addresses were disclosed in the response:\n\n  * admin@thebodgeitstore.com\n  * test@thebodgeitstore.com\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe following email address was disclosed in the response:\n\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/product.jsp\n\nThe following email address was disclosed in the response:\n\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/about.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/admin.jsp\n\nThe following email addresses were disclosed in the response:\n\n  * admin@thebodgeitstore.com\n  * test@test.com\n  * test@thebodgeitstore.com\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/advanced.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\n",
       "duplicate": false,
@@ -30908,7 +30908,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/login.jsp\n\nThe request appears to be vulnerable to cross-site request forgery (CSRF) attacks against unauthenticated functionality. This is unlikely to constitute a security vulnerability in its own right, however it may facilitate exploitation of other vulnerabilities affecting application users.\n\n",
       "duplicate": false,
@@ -30997,7 +30997,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/register.jsp\n\nThe **username** parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the username parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe **username** parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the username parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe **password** parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the password parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\nThe **b_id** cookie appears to be vulnerable to SQL injection attacks. The payload **'** was submitted in the b_id cookie, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.  \n  \nThe database appears to be Microsoft SQL Server.\n\n",
       "duplicate": false,
@@ -31054,7 +31054,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-01-03",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -31086,7 +31086,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/logout.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/score.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/product.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/password.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/home.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/contact.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/admin.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/advanced.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/about.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\n",
       "duplicate": false,
@@ -31117,7 +31117,7 @@
       "line": null,
       "mitigated": null,
       "mitigated_by": null,
-      "mitigation": "\n\nThe root cause of the vulnerability can be resolved by not using path-relative URLs in style sheet imports. Aside from this, attacks can also be prevented by implementing all of the following defensive measures: \n\n  * Setting the HTTP response header \"X-Frame-Options: deny\" in all responses. One method that an attacker can use to make a page render in quirks mode is to frame it within their own page that is rendered in quirks mode. Setting this header prevents the page from being framed.\n  * Setting a modern doctype (e.g. \"\u003c!doctype html\u003e\") in all HTML responses. This prevents the page from being rendered in quirks mode (unless it is being framed, as described above).\n  * Setting the HTTP response header \"X-Content-Type-Options: no sniff\" in all responses. This prevents the browser from processing a non-CSS response as CSS, even if another page loads the response via a style sheet import.\n\n\n",
+      "mitigation": "\n\nThe root cause of the vulnerability can be resolved by not using path-relative URLs in style sheet imports. Aside from this, attacks can also be prevented by implementing all of the following defensive measures: \n\n  * Setting the HTTP response header \"X-Frame-Options: deny\" in all responses. One method that an attacker can use to make a page render in quirks mode is to frame it within their own page that is rendered in quirks mode. Setting this header prevents the page from being framed.\n  * Setting a modern doctype (e.g. \"<!doctype html>\") in all HTML responses. This prevents the page from being rendered in quirks mode (unless it is being framed, as described above).\n  * Setting the HTTP response header \"X-Content-Type-Options: no sniff\" in all responses. This prevents the browser from processing a non-CSS response as CSS, even if another page loads the response via a style sheet import.\n\n\n",
       "nb_occurences": null,
       "notes": [],
       "numerical_severity": "S4",
@@ -31175,7 +31175,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/password.jsp\n\nThe page contains a form with the following action URL, which is submitted over clear-text HTTP:\n\n  * http://localhost:8888/bodgeit/password.jsp\n\nThe form contains the following password fields:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe page contains a form with the following action URL, which is submitted over clear-text HTTP:\n\n  * http://localhost:8888/bodgeit/register.jsp\n\nThe form contains the following password fields:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe page contains a form with the following action URL, which is submitted over clear-text HTTP:\n\n  * http://localhost:8888/bodgeit/login.jsp\n\nThe form contains the following password field:\n  * password\n\n\n\n",
       "duplicate": false,
@@ -31232,7 +31232,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-01-03",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -31264,7 +31264,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/xss/xss.go\nLine number: 59\nIssue Confidence: LOW\n\nCode:\ntemplate.HTML(notFound)\n",
       "duplicate": false,
@@ -31321,7 +31321,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -31353,7 +31353,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/xss/xss.go\nLine number: 58\nIssue Confidence: LOW\n\nCode:\ntemplate.HTML(value)\n",
       "duplicate": false,
@@ -31410,7 +31410,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -31442,7 +31442,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/idor/idor.go\nLine number: 165\nIssue Confidence: HIGH\n\nCode:\nhasher.Write([]byte(text))\n",
       "duplicate": false,
@@ -31499,7 +31499,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -31531,7 +31531,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/idor/idor.go\nLine number: 82\nIssue Confidence: HIGH\n\nCode:\np.GetData(sid)\n",
       "duplicate": false,
@@ -31588,7 +31588,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -31620,7 +31620,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/sqli/function.go\nLine number: 36-39\nIssue Confidence: HIGH\n\nCode:\nfmt.Sprintf(`SELECT p.user_id, p.full_name, p.city, p.phone_number \n\t\t\t\t\t\t\t\tFROM Profile as p,Users as u \n\t\t\t\t\t\t\t\twhere p.user_id = u.id \n\t\t\t\t\t\t\t\tand u.id=%s`,uid)\n",
       "duplicate": false,
@@ -31643,7 +31643,7 @@
       "is_mitigated": false,
       "kev_date": null,
       "known_exploited": false,
-      "last_reviewed": "2021-12-06T07:07:19Z",
+      "last_reviewed": "2025-11-06T23:46:52Z",
       "last_reviewed_by": [
         "admin"
       ],
@@ -31677,7 +31677,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -31709,7 +31709,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/user/user.go\nLine number: 8\nIssue Confidence: HIGH\n\nCode:\n\"crypto/md5\"\n",
       "duplicate": false,
@@ -31766,7 +31766,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -31798,7 +31798,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/idor/idor.go\nLine number: 124\nIssue Confidence: HIGH\n\nCode:\np.GetData(sid)\n",
       "duplicate": false,
@@ -31855,7 +31855,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -31887,7 +31887,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/csa/csa.go\nLine number: 63\nIssue Confidence: HIGH\n\nCode:\nhasher.Write([]byte(text))\n",
       "duplicate": false,
@@ -31944,7 +31944,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -31976,7 +31976,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/idor/idor.go\nLine number: 164\nIssue Confidence: HIGH\n\nCode:\nmd5.New()\n",
       "duplicate": false,
@@ -32033,7 +32033,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -32065,7 +32065,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/user/user.go\nLine number: 160\nIssue Confidence: HIGH\n\nCode:\nmd5.New()\n",
       "duplicate": false,
@@ -32122,7 +32122,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -32154,7 +32154,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/util/template.go\nLine number: 35\nIssue Confidence: HIGH\n\nCode:\nw.Write(b)\n",
       "duplicate": false,
@@ -32211,7 +32211,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -32243,7 +32243,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/util/middleware/middleware.go\nLine number: 70\nIssue Confidence: HIGH\n\nCode:\nsqlmapDetected, _ := regexp.MatchString(\"sqlmap*\", userAgent)\n",
       "duplicate": false,
@@ -32300,7 +32300,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -32332,7 +32332,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/util/middleware/middleware.go\nLine number: 73\nIssue Confidence: HIGH\n\nCode:\nw.Write([]byte(\"Forbidden\"))\n",
       "duplicate": false,
@@ -32389,7 +32389,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -32421,7 +32421,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/app.go\nLine number: 79\nIssue Confidence: HIGH\n\nCode:\ns.ListenAndServe()\n",
       "duplicate": false,
@@ -32478,7 +32478,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -32510,7 +32510,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/xss/xss.go\nLine number: 62\nIssue Confidence: LOW\n\nCode:\ntemplate.HTML(value)\n",
       "duplicate": false,
@@ -32567,7 +32567,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -32599,7 +32599,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/xss/xss.go\nLine number: 63\nIssue Confidence: LOW\n\nCode:\ntemplate.HTML(vuln)\n",
       "duplicate": false,
@@ -32656,7 +32656,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -32688,9 +32688,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
-      "description": "Filename: /vagrant/go/src/govwa/setting/setting.go\nLine number: 66\nIssue Confidence: HIGH\n\nCode:\n_ = db.QueryRow(sql).Scan(\u0026version)\n",
+      "description": "Filename: /vagrant/go/src/govwa/setting/setting.go\nLine number: 66\nIssue Confidence: HIGH\n\nCode:\n_ = db.QueryRow(sql).Scan(&version)\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -32745,7 +32745,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -32777,7 +32777,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/setting/setting.go\nLine number: 64\nIssue Confidence: HIGH\n\nCode:\ndb,_ := database.Connect()\n",
       "duplicate": false,
@@ -32834,7 +32834,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -32866,7 +32866,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/csa/csa.go\nLine number: 62\nIssue Confidence: HIGH\n\nCode:\nmd5.New()\n",
       "duplicate": false,
@@ -32923,7 +32923,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -32955,7 +32955,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/csa/csa.go\nLine number: 7\nIssue Confidence: HIGH\n\nCode:\n\"crypto/md5\"\n",
       "duplicate": false,
@@ -33012,7 +33012,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -33044,7 +33044,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/idor/idor.go\nLine number: 8\nIssue Confidence: HIGH\n\nCode:\n\"crypto/md5\"\n",
       "duplicate": false,
@@ -33101,7 +33101,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -33133,7 +33133,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/util/cookie.go\nLine number: 42\nIssue Confidence: HIGH\n\nCode:\ncookie, _ := r.Cookie(name)\n",
       "duplicate": false,
@@ -33190,7 +33190,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -33222,7 +33222,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/idor/idor.go\nLine number: 42\nIssue Confidence: HIGH\n\nCode:\np.GetData(sid)\n",
       "duplicate": false,
@@ -33279,7 +33279,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -33311,7 +33311,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/xss/xss.go\nLine number: 100\nIssue Confidence: LOW\n\nCode:\ntemplate.HTML(inlineJS)\n",
       "duplicate": false,
@@ -33368,7 +33368,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -33400,7 +33400,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/idor/idor.go\nLine number: 61\nIssue Confidence: HIGH\n\nCode:\np.GetData(sid)\n",
       "duplicate": false,
@@ -33457,7 +33457,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -33489,7 +33489,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/user/user.go\nLine number: 161\nIssue Confidence: HIGH\n\nCode:\nhasher.Write([]byte(text))\n",
       "duplicate": false,
@@ -33546,7 +33546,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -33578,7 +33578,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/util/template.go\nLine number: 41\nIssue Confidence: HIGH\n\nCode:\ntemplate.ExecuteTemplate(w, name, data)\n",
       "duplicate": false,
@@ -33635,7 +33635,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -33667,7 +33667,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/util/template.go\nLine number: 45\nIssue Confidence: LOW\n\nCode:\ntemplate.HTML(text)\n",
       "duplicate": false,
@@ -33724,7 +33724,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -33756,7 +33756,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/password.jsp\n\nThe page contains a form with the following action URL:\n\n  * http://localhost:8888/bodgeit/password.jsp\n\nThe form contains the following password fields with autocomplete enabled:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe page contains a form with the following action URL:\n\n  * http://localhost:8888/bodgeit/register.jsp\n\nThe form contains the following password fields with autocomplete enabled:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe page contains a form with the following action URL:\n\n  * http://localhost:8888/bodgeit/login.jsp\n\nThe form contains the following password field with autocomplete enabled:\n  * password\n\n\n\n",
       "duplicate": false,
@@ -33813,7 +33813,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -33845,7 +33845,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/logout.jsp\n\n\nURL: http://localhost:8888/\n\n\nURL: http://localhost:8888/bodgeit/search.jsp\n\n\nURL: http://localhost:8888/bodgeit/score.jsp\n\n\nURL: http://localhost:8888/bodgeit/product.jsp\n\n\nURL: http://localhost:8888/bodgeit/password.jsp\n\n\nURL: http://localhost:8888/bodgeit/home.jsp\n\n\nURL: http://localhost:8888/bodgeit/contact.jsp\n\n\nURL: http://localhost:8888/bodgeit/about.jsp\n\n\nURL: http://localhost:8888/bodgeit/admin.jsp\n\n\nURL: http://localhost:8888/bodgeit/advanced.jsp\n\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\n\nURL: http://localhost:8888/bodgeit/\n\n\n",
       "duplicate": false,
@@ -33934,9 +33934,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
-      "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto \u003cscript\u003ealert(1)\u003c/script\u003enwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 \u003cscript\u003ealert(1)\u003c/script\u003ejledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n",
+      "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto <script>alert(1)</script>nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 <script>alert(1)</script>jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": true,
@@ -33965,7 +33965,7 @@
       "line": null,
       "mitigated": null,
       "mitigated_by": null,
-      "mitigation": "\n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including \u003c \u003e \" ' and =, should be replaced with the corresponding HTML entities (\u0026lt; \u0026gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n",
+      "mitigation": "\n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > \" ' and =, should be replaced with the corresponding HTML entities (&lt; &gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n",
       "nb_occurences": null,
       "notes": [],
       "numerical_severity": "S1",
@@ -33991,7 +33991,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-01-03",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -34023,7 +34023,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/\n\n\n",
       "duplicate": false,
@@ -34080,7 +34080,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -34112,7 +34112,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\n\n",
       "duplicate": false,
@@ -34169,7 +34169,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -34201,7 +34201,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/score.jsp\n\nThe following email addresses were disclosed in the response:\n\n  * admin@thebodgeitstore.com\n  * test@thebodgeitstore.com\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe following email address was disclosed in the response:\n\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/product.jsp\n\nThe following email address was disclosed in the response:\n\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/about.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/admin.jsp\n\nThe following email addresses were disclosed in the response:\n\n  * admin@thebodgeitstore.com\n  * test@test.com\n  * test@thebodgeitstore.com\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/advanced.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\n",
       "duplicate": false,
@@ -34290,7 +34290,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/login.jsp\n\nThe request appears to be vulnerable to cross-site request forgery (CSRF) attacks against unauthenticated functionality. This is unlikely to constitute a security vulnerability in its own right, however it may facilitate exploitation of other vulnerabilities affecting application users.\n\n",
       "duplicate": false,
@@ -34379,7 +34379,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/register.jsp\n\nThe **username** parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the username parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe **username** parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the username parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe **password** parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the password parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\nThe **b_id** cookie appears to be vulnerable to SQL injection attacks. The payload **'** was submitted in the b_id cookie, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.  \n  \nThe database appears to be Microsoft SQL Server.\n\n",
       "duplicate": false,
@@ -34436,7 +34436,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-01-03",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -34468,7 +34468,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/logout.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/score.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/product.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/password.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/home.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/contact.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/admin.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/advanced.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/about.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\n",
       "duplicate": false,
@@ -34499,7 +34499,7 @@
       "line": null,
       "mitigated": null,
       "mitigated_by": null,
-      "mitigation": "\n\nThe root cause of the vulnerability can be resolved by not using path-relative URLs in style sheet imports. Aside from this, attacks can also be prevented by implementing all of the following defensive measures: \n\n  * Setting the HTTP response header \"X-Frame-Options: deny\" in all responses. One method that an attacker can use to make a page render in quirks mode is to frame it within their own page that is rendered in quirks mode. Setting this header prevents the page from being framed.\n  * Setting a modern doctype (e.g. \"\u003c!doctype html\u003e\") in all HTML responses. This prevents the page from being rendered in quirks mode (unless it is being framed, as described above).\n  * Setting the HTTP response header \"X-Content-Type-Options: no sniff\" in all responses. This prevents the browser from processing a non-CSS response as CSS, even if another page loads the response via a style sheet import.\n\n\n",
+      "mitigation": "\n\nThe root cause of the vulnerability can be resolved by not using path-relative URLs in style sheet imports. Aside from this, attacks can also be prevented by implementing all of the following defensive measures: \n\n  * Setting the HTTP response header \"X-Frame-Options: deny\" in all responses. One method that an attacker can use to make a page render in quirks mode is to frame it within their own page that is rendered in quirks mode. Setting this header prevents the page from being framed.\n  * Setting a modern doctype (e.g. \"<!doctype html>\") in all HTML responses. This prevents the page from being rendered in quirks mode (unless it is being framed, as described above).\n  * Setting the HTTP response header \"X-Content-Type-Options: no sniff\" in all responses. This prevents the browser from processing a non-CSS response as CSS, even if another page loads the response via a style sheet import.\n\n\n",
       "nb_occurences": null,
       "notes": [],
       "numerical_severity": "S4",
@@ -34557,7 +34557,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/password.jsp\n\nThe page contains a form with the following action URL, which is submitted over clear-text HTTP:\n\n  * http://localhost:8888/bodgeit/password.jsp\n\nThe form contains the following password fields:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe page contains a form with the following action URL, which is submitted over clear-text HTTP:\n\n  * http://localhost:8888/bodgeit/register.jsp\n\nThe form contains the following password fields:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe page contains a form with the following action URL, which is submitted over clear-text HTTP:\n\n  * http://localhost:8888/bodgeit/login.jsp\n\nThe form contains the following password field:\n  * password\n\n\n\n",
       "duplicate": false,
@@ -34614,7 +34614,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-01-03",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -34636,7 +34636,7 @@
   },
   {
     "fields": {
-      "date": "2021-04-09",
+      "date": "2025-03-10",
       "description": "test stub finding",
       "reporter": [
         "admin"
@@ -34650,7 +34650,7 @@
   },
   {
     "fields": {
-      "date": "2021-04-09",
+      "date": "2025-03-10",
       "description": "test stub finding",
       "reporter": [
         "admin"
@@ -34664,7 +34664,7 @@
   },
   {
     "fields": {
-      "date": "2021-04-09",
+      "date": "2025-03-10",
       "description": "test stub finding",
       "reporter": [
         "admin"
@@ -44666,8 +44666,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T19:31:16Z",
-      "modified": "2018-07-18T19:31:16Z",
+      "created": "2022-06-19T12:10:49Z",
+      "modified": "2022-06-19T12:10:49Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -44681,8 +44681,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T19:31:30Z",
-      "modified": "2018-07-18T19:31:30Z",
+      "created": "2022-06-19T12:11:03Z",
+      "modified": "2022-06-19T12:11:03Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -44696,8 +44696,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T19:31:45Z",
-      "modified": "2018-07-18T19:31:45Z",
+      "created": "2022-06-19T12:11:18Z",
+      "modified": "2022-06-19T12:11:18Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -44711,8 +44711,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T19:52:57Z",
-      "modified": "2018-07-18T19:52:57Z",
+      "created": "2022-06-19T12:32:30Z",
+      "modified": "2022-06-19T12:32:30Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -44726,8 +44726,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T19:53:37Z",
-      "modified": "2018-07-18T19:53:37Z",
+      "created": "2022-06-19T12:33:10Z",
+      "modified": "2022-06-19T12:33:10Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -44741,8 +44741,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T19:54:20Z",
-      "modified": "2018-07-18T19:54:20Z",
+      "created": "2022-06-19T12:33:53Z",
+      "modified": "2022-06-19T12:33:53Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -44756,8 +44756,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T19:54:34Z",
-      "modified": "2018-07-18T19:54:34Z",
+      "created": "2022-06-19T12:34:07Z",
+      "modified": "2022-06-19T12:34:07Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -44771,8 +44771,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T19:54:48Z",
-      "modified": "2018-07-18T19:54:48Z",
+      "created": "2022-06-19T12:34:21Z",
+      "modified": "2022-06-19T12:34:21Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -44786,8 +44786,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T19:55:00Z",
-      "modified": "2018-07-18T19:55:00Z",
+      "created": "2022-06-19T12:34:33Z",
+      "modified": "2022-06-19T12:34:33Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -44801,8 +44801,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T19:55:20Z",
-      "modified": "2018-07-18T19:55:20Z",
+      "created": "2022-06-19T12:34:53Z",
+      "modified": "2022-06-19T12:34:53Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -44816,8 +44816,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T19:56:24Z",
-      "modified": "2018-07-18T19:56:24Z",
+      "created": "2022-06-19T12:35:57Z",
+      "modified": "2022-06-19T12:35:57Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -44831,8 +44831,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T19:57:22Z",
-      "modified": "2018-07-18T19:57:22Z",
+      "created": "2022-06-19T12:36:55Z",
+      "modified": "2022-06-19T12:36:55Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -44846,8 +44846,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T19:57:34Z",
-      "modified": "2018-07-18T19:57:34Z",
+      "created": "2022-06-19T12:37:07Z",
+      "modified": "2022-06-19T12:37:07Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -44861,8 +44861,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T19:57:55Z",
-      "modified": "2018-07-18T19:57:55Z",
+      "created": "2022-06-19T12:37:28Z",
+      "modified": "2022-06-19T12:37:28Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -44876,8 +44876,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T19:58:36Z",
-      "modified": "2018-07-18T19:58:36Z",
+      "created": "2022-06-19T12:38:09Z",
+      "modified": "2022-06-19T12:38:09Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -44891,8 +44891,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:00:35Z",
-      "modified": "2018-07-18T20:00:35Z",
+      "created": "2022-06-19T12:40:08Z",
+      "modified": "2022-06-19T12:40:08Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -44906,8 +44906,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:00:46Z",
-      "modified": "2018-07-18T20:00:46Z",
+      "created": "2022-06-19T12:40:19Z",
+      "modified": "2022-06-19T12:40:19Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -44921,8 +44921,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:00:58Z",
-      "modified": "2018-07-18T20:00:58Z",
+      "created": "2022-06-19T12:40:31Z",
+      "modified": "2022-06-19T12:40:31Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -44936,8 +44936,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:02:18Z",
-      "modified": "2018-07-18T20:02:18Z",
+      "created": "2022-06-19T12:41:51Z",
+      "modified": "2022-06-19T12:41:51Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -44951,8 +44951,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:02:32Z",
-      "modified": "2018-07-18T20:02:32Z",
+      "created": "2022-06-19T12:42:05Z",
+      "modified": "2022-06-19T12:42:05Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -44966,23 +44966,23 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:02:46Z",
-      "modified": "2018-07-18T20:02:46Z",
+      "created": "2022-06-19T12:42:19Z",
+      "modified": "2022-06-19T12:42:19Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
         "dojo",
         "benchmark_category"
       ],
-      "text": "When does information cross a privacy boundary within your application flow? For instance public cloud -\u003e private cloud, public internet -\u003e public cloud, etc."
+      "text": "When does information cross a privacy boundary within your application flow? For instance public cloud -> private cloud, public internet -> public cloud, etc."
     },
     "model": "dojo.question",
     "pk": 23
   },
   {
     "fields": {
-      "created": "2018-07-18T20:02:57Z",
-      "modified": "2018-07-18T20:02:57Z",
+      "created": "2022-06-19T12:42:30Z",
+      "modified": "2022-06-19T12:42:30Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -44996,8 +44996,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:04:46Z",
-      "modified": "2018-07-18T20:04:46Z",
+      "created": "2022-06-19T12:44:19Z",
+      "modified": "2022-06-19T12:44:19Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -45011,8 +45011,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:05:10Z",
-      "modified": "2018-07-18T20:05:10Z",
+      "created": "2022-06-19T12:44:43Z",
+      "modified": "2022-06-19T12:44:43Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -45026,8 +45026,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:05:22Z",
-      "modified": "2018-07-18T20:05:22Z",
+      "created": "2022-06-19T12:44:55Z",
+      "modified": "2022-06-19T12:44:55Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -45041,8 +45041,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:05:32Z",
-      "modified": "2018-07-18T20:05:32Z",
+      "created": "2022-06-19T12:45:05Z",
+      "modified": "2022-06-19T12:45:05Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -45056,8 +45056,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:05:43Z",
-      "modified": "2018-07-18T20:05:43Z",
+      "created": "2022-06-19T12:45:16Z",
+      "modified": "2022-06-19T12:45:16Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -45071,8 +45071,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:05:57Z",
-      "modified": "2018-07-18T20:05:57Z",
+      "created": "2022-06-19T12:45:30Z",
+      "modified": "2022-06-19T12:45:30Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -45086,8 +45086,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:06:15Z",
-      "modified": "2018-07-18T20:06:15Z",
+      "created": "2022-06-19T12:45:48Z",
+      "modified": "2022-06-19T12:45:48Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -45101,8 +45101,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:08:08Z",
-      "modified": "2018-07-18T20:08:08Z",
+      "created": "2022-06-19T12:47:41Z",
+      "modified": "2022-06-19T12:47:41Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -45116,8 +45116,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:08:19Z",
-      "modified": "2018-07-18T20:08:19Z",
+      "created": "2022-06-19T12:47:52Z",
+      "modified": "2022-06-19T12:47:52Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -45131,8 +45131,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:08:30Z",
-      "modified": "2018-07-18T20:08:30Z",
+      "created": "2022-06-19T12:48:03Z",
+      "modified": "2022-06-19T12:48:03Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -45146,8 +45146,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:08:43Z",
-      "modified": "2018-07-18T20:08:43Z",
+      "created": "2022-06-19T12:48:16Z",
+      "modified": "2022-06-19T12:48:16Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -45161,8 +45161,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:08:54Z",
-      "modified": "2018-07-18T20:08:54Z",
+      "created": "2022-06-19T12:48:27Z",
+      "modified": "2022-06-19T12:48:27Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -45176,8 +45176,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:10:15Z",
-      "modified": "2018-07-18T20:10:15Z",
+      "created": "2022-06-19T12:49:48Z",
+      "modified": "2022-06-19T12:49:48Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -45191,8 +45191,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:10:30Z",
-      "modified": "2018-07-18T20:10:30Z",
+      "created": "2022-06-19T12:50:03Z",
+      "modified": "2022-06-19T12:50:03Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -45206,8 +45206,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:10:42Z",
-      "modified": "2018-07-18T20:10:42Z",
+      "created": "2022-06-19T12:50:15Z",
+      "modified": "2022-06-19T12:50:15Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -45221,8 +45221,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:10:52Z",
-      "modified": "2018-07-18T20:10:52Z",
+      "created": "2022-06-19T12:50:25Z",
+      "modified": "2022-06-19T12:50:25Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -45236,8 +45236,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:11:04Z",
-      "modified": "2018-07-18T20:11:04Z",
+      "created": "2022-06-19T12:50:37Z",
+      "modified": "2022-06-19T12:50:37Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -45251,8 +45251,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:11:17Z",
-      "modified": "2018-07-18T20:11:17Z",
+      "created": "2022-06-19T12:50:50Z",
+      "modified": "2022-06-19T12:50:50Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -45266,8 +45266,8 @@
   },
   {
     "fields": {
-      "created": "2018-07-18T20:11:30Z",
-      "modified": "2018-07-18T20:11:30Z",
+      "created": "2022-06-19T12:51:03Z",
+      "modified": "2022-06-19T12:51:03Z",
       "optional": false,
       "order": 1,
       "polymorphic_ctype": [
@@ -46438,7 +46438,7 @@
   },
   {
     "fields": {
-      "date_joined": "2021-08-01T07:59:51Z",
+      "date_joined": "2025-07-03T00:39:24Z",
       "email": "",
       "first_name": "",
       "id": 2,
@@ -47237,8 +47237,8 @@
       "source_code_management_server": null,
       "source_code_management_uri": null,
       "status": "In Progress",
-      "target_end": "2021-07-31",
-      "target_start": "2021-07-31",
+      "target_end": "2025-07-01",
+      "target_start": "2025-07-01",
       "test_strategy": null,
       "threat_model": true,
       "tmodel_path": "none",
@@ -47284,8 +47284,8 @@
       "source_code_management_server": null,
       "source_code_management_uri": null,
       "status": "Completed",
-      "target_end": "2021-07-31",
-      "target_start": "2021-07-31",
+      "target_end": "2025-07-01",
+      "target_start": "2025-07-01",
       "test_strategy": "",
       "threat_model": true,
       "tmodel_path": "none",
@@ -47331,8 +47331,8 @@
       "source_code_management_server": null,
       "source_code_management_uri": null,
       "status": "Completed",
-      "target_end": "2021-07-23",
-      "target_start": "2021-07-22",
+      "target_end": "2025-06-23",
+      "target_start": "2025-06-22",
       "test_strategy": null,
       "threat_model": true,
       "tmodel_path": "none",
@@ -47378,8 +47378,8 @@
       "source_code_management_server": null,
       "source_code_management_uri": null,
       "status": "Completed",
-      "target_end": "2021-12-11",
-      "target_start": "2021-12-04",
+      "target_end": "2025-11-11",
+      "target_start": "2025-11-04",
       "test_strategy": "",
       "threat_model": false,
       "tmodel_path": "none",
@@ -47425,8 +47425,8 @@
       "source_code_management_server": null,
       "source_code_management_uri": null,
       "status": "Not Started",
-      "target_end": "2022-02-26",
-      "target_start": "2022-02-19",
+      "target_end": "2026-01-27",
+      "target_start": "2026-01-20",
       "test_strategy": "",
       "threat_model": false,
       "tmodel_path": "none",
@@ -47470,8 +47470,8 @@
       "source_code_management_server": null,
       "source_code_management_uri": null,
       "status": "",
-      "target_end": "2021-12-04",
-      "target_start": "2021-12-04",
+      "target_end": "2025-11-04",
+      "target_start": "2025-11-04",
       "test_strategy": null,
       "threat_model": true,
       "tmodel_path": "none",
@@ -47517,8 +47517,8 @@
       "source_code_management_server": null,
       "source_code_management_uri": null,
       "status": "Not Started",
-      "target_end": "2022-01-27",
-      "target_start": "2022-01-20",
+      "target_end": "2025-12-28",
+      "target_start": "2025-12-21",
       "test_strategy": "",
       "threat_model": false,
       "tmodel_path": "none",
@@ -47564,8 +47564,8 @@
       "source_code_management_server": null,
       "source_code_management_uri": null,
       "status": "Completed",
-      "target_end": "2021-12-05",
-      "target_start": "2021-12-05",
+      "target_end": "2025-11-05",
+      "target_start": "2025-11-05",
       "test_strategy": "",
       "threat_model": false,
       "tmodel_path": "none",
@@ -47611,8 +47611,8 @@
       "source_code_management_server": null,
       "source_code_management_uri": null,
       "status": "Blocked",
-      "target_end": "2022-02-02",
-      "target_start": "2022-01-30",
+      "target_end": "2026-01-03",
+      "target_start": "2025-12-31",
       "test_strategy": "",
       "threat_model": false,
       "tmodel_path": "none",
@@ -47658,8 +47658,8 @@
       "source_code_management_server": null,
       "source_code_management_uri": "https://github.com/psiinon/bodgeit",
       "status": "Completed",
-      "target_end": "2021-12-12",
-      "target_start": "2021-12-05",
+      "target_end": "2025-11-12",
+      "target_start": "2025-11-05",
       "test_strategy": null,
       "threat_model": false,
       "tmodel_path": "none",
@@ -47703,8 +47703,8 @@
       "source_code_management_server": null,
       "source_code_management_uri": null,
       "status": "In Progress",
-      "target_end": "2021-12-05",
-      "target_start": "2021-12-05",
+      "target_end": "2025-11-05",
+      "target_start": "2025-11-05",
       "test_strategy": null,
       "threat_model": false,
       "tmodel_path": "none",
@@ -47727,7 +47727,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": null,
-      "date": "2021-04-21",
+      "date": "2025-03-22",
       "defect_review_requested_by": [
         "admin"
       ],
@@ -47784,7 +47784,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2021-05-21",
+      "sla_expiration_date": "2025-04-21",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -47815,7 +47815,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": null,
-      "date": "2021-04-21",
+      "date": "2025-03-22",
       "defect_review_requested_by": [
         "admin"
       ],
@@ -47872,7 +47872,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2021-05-21",
+      "sla_expiration_date": "2025-04-21",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -47903,7 +47903,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": null,
-      "date": "2021-04-21",
+      "date": "2025-03-22",
       "defect_review_requested_by": [
         "admin"
       ],
@@ -47960,7 +47960,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2021-05-21",
+      "sla_expiration_date": "2025-04-21",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -47991,7 +47991,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": null,
-      "date": "2021-04-21",
+      "date": "2025-03-22",
       "defect_review_requested_by": [
         "admin"
       ],
@@ -48048,7 +48048,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2021-05-21",
+      "sla_expiration_date": "2025-04-21",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -48079,7 +48079,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": null,
-      "date": "2021-04-21",
+      "date": "2025-03-22",
       "defect_review_requested_by": [
         "admin"
       ],
@@ -48136,7 +48136,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2021-05-21",
+      "sla_expiration_date": "2025-04-21",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -48167,7 +48167,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 1,
-      "date": "2021-04-20",
+      "date": "2025-03-21",
       "defect_review_requested_by": [
         "product_manager"
       ],
@@ -48224,7 +48224,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2021-05-20",
+      "sla_expiration_date": "2025-04-20",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -48255,9 +48255,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -48310,7 +48310,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -48341,9 +48341,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -48396,7 +48396,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -48427,9 +48427,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 829,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84)\n\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -48482,7 +48482,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -48513,9 +48513,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -48568,7 +48568,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -48599,9 +48599,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -48654,7 +48654,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -48685,9 +48685,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -48740,7 +48740,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -48771,9 +48771,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 10706,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -48826,7 +48826,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -48857,9 +48857,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -48912,7 +48912,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -48943,9 +48943,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -48998,7 +48998,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -49029,9 +49029,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 330,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n",
+      "description": "**Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -49084,7 +49084,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -49115,9 +49115,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -49170,7 +49170,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -49201,9 +49201,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -49256,7 +49256,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -49287,9 +49287,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\u003c/a\u003e\u003c/td\u003e\u003ctd\u003e\" + type + \"\u003c/td\u003e\u003ctd align=\\\"right\\\"\u003e\" + nf.format(price) + \"\u003c/td\u003e\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"</a></td><td>\" + type + \"</td><td align=\\\"right\\\">\" + nf.format(price) + \"</td>\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -49342,7 +49342,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -49373,9 +49373,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 329,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -49428,7 +49428,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -49459,9 +49459,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 182,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -49514,7 +49514,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -49545,9 +49545,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 646,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -49600,7 +49600,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -49631,9 +49631,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -49686,7 +49686,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -49717,9 +49717,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -49772,7 +49772,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -49803,9 +49803,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 244,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -49858,7 +49858,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -49889,9 +49889,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 338,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -49944,7 +49944,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -49975,9 +49975,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 501,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -50030,7 +50030,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -50061,9 +50061,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\u003cbr/\u003e\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\u003cbr/\u003e\" + e);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.<br/>\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.<br/>\" + e);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -50116,7 +50116,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -50147,9 +50147,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 784,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -50202,7 +50202,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -50233,9 +50233,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -50288,7 +50288,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -50319,9 +50319,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -50374,7 +50374,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -50405,9 +50405,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -50460,7 +50460,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -50491,9 +50491,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -50546,7 +50546,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -50577,9 +50577,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 10706,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -50632,7 +50632,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -50663,9 +50663,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -50718,7 +50718,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -50749,9 +50749,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 614,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -50804,7 +50804,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -50835,9 +50835,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -50890,7 +50890,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -50921,9 +50921,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** \u003ctd\u003e\u003c%=username%\u003e\u003c/td\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** <td><%=username%></td>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -50976,7 +50976,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -51007,9 +51007,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -51062,7 +51062,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -51093,9 +51093,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -51148,7 +51148,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -51179,9 +51179,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -51234,7 +51234,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -51265,9 +51265,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -51320,7 +51320,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -51351,9 +51351,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -51406,7 +51406,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -51437,9 +51437,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -51492,7 +51492,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -51523,9 +51523,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -51578,7 +51578,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -51609,9 +51609,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -51664,7 +51664,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -51695,9 +51695,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 315,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -51750,7 +51750,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -51781,9 +51781,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -51836,7 +51836,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -51867,9 +51867,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -51922,7 +51922,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -51953,9 +51953,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getInt(\"userid\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"name\") +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"<td>\" + rs.getInt(\"userid\") + \"</td><td>\" + rs.getString(\"name\") +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -52008,7 +52008,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -52039,9 +52039,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -52094,7 +52094,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -52125,9 +52125,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -52180,7 +52180,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -52211,9 +52211,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 244,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -52266,7 +52266,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -52297,9 +52297,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -52352,7 +52352,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -52383,9 +52383,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 384,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -52438,7 +52438,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -52469,9 +52469,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\u003c/TD\u003e\u003cTD\u003e\" + rs.getString(\"PRICE\") + \"\u003c/TD\u003e\u003c/TR\u003e\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\u003c/TD\u003e\u003cTD\u003e\" + rs.getString(\"PRICE\") + \"\u003c/TD\u003e\u003c/TR\u003e\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\u003cTR\u003e\u003cTD\u003e\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\u003cTR\u003e\u003cTD\u003e\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** \u003c%= output %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"</TD><TD>\" + rs.getString(\"PRICE\") + \"</TD></TR>\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"</TD><TD>\" + rs.getString(\"PRICE\") + \"</TD></TR>\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"<TR><TD>\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"<TR><TD>\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** <%= output %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -52524,7 +52524,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -52555,9 +52555,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -52610,7 +52610,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -52641,9 +52641,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -52696,7 +52696,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -52727,9 +52727,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -52782,7 +52782,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -52813,9 +52813,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 10706,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -52868,7 +52868,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -52899,9 +52899,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -52954,7 +52954,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -52985,9 +52985,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\u003c/a\u003e\u003c/td\u003e\u003ctd\u003e\" + type + \"\u003c/td\u003e\u003ctd align=\\\"right\\\"\u003e\" + nf.format(price) + \"\u003c/td\u003e\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"</a></td><td>\" + type + \"</td><td align=\\\"right\\\">\" + nf.format(price) + \"</td>\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -53040,7 +53040,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -53071,9 +53071,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -53126,7 +53126,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -53157,9 +53157,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -53212,7 +53212,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -53243,9 +53243,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -53298,7 +53298,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -53329,9 +53329,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -53384,7 +53384,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -53415,9 +53415,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -53470,7 +53470,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -53501,9 +53501,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -53556,7 +53556,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -53587,9 +53587,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 362,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\u003ctd align=\\\"right\\\"\u003e\" + nf.format(pricetopay) + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"<td align=\\\"right\\\">\" + nf.format(pricetopay) + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -53642,7 +53642,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -53673,9 +53673,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -53728,7 +53728,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -53759,9 +53759,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -53814,7 +53814,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -53845,9 +53845,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \u003cinput type=\"hidden\" id=\"user\" name=\"\u003c%=username%\u003e\" value=\"\"/\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** <input type=\"hidden\" id=\"user\" name=\"<%=username%>\" value=\"\"/>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -53900,7 +53900,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -53931,9 +53931,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 338,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -53986,7 +53986,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -54017,9 +54017,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -54072,7 +54072,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -54103,9 +54103,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -54158,7 +54158,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -54189,9 +54189,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -54244,7 +54244,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -54275,9 +54275,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -54330,7 +54330,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -54361,9 +54361,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -54416,7 +54416,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -54447,9 +54447,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 601,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** \u003ca href=\"javascript:window.location=window.location.href\"\u003eNew Search\u003c/a\u003e\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** \u003ca href=\"javascript:window.location=window.location.href\"\u003eNew Search\u003c/a\u003e\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** <a href=\"javascript:window.location=window.location.href\">New Search</a>\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** <a href=\"javascript:window.location=window.location.href\">New Search</a>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -54502,7 +54502,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -54533,9 +54533,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -54588,7 +54588,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -54619,9 +54619,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -54674,7 +54674,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -54705,9 +54705,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 330,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -54760,7 +54760,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -54791,9 +54791,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 829,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \u003c?xml version=\"1.0\" encoding=\"ISO-8859-1\"?\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** <?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -54846,7 +54846,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -54877,9 +54877,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"\u003cscript\u003ealert(\\\"xss\\\")\u003c/script\u003e\") \u003e= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** \u003cb\u003eYou searched for:\u003c/b\u003e \u003c%= query %\u003e\u003cbr/\u003e\u003cbr/\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"<script>alert(\\\"xss\\\")</script>\") >= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** <b>You searched for:</b> <%= query %><br/><br/>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -54932,7 +54932,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -54963,9 +54963,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 614,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -55018,7 +55018,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -55049,9 +55049,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -55104,7 +55104,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -55135,9 +55135,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 321,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -55190,7 +55190,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -55221,9 +55221,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 784,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -55276,7 +55276,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -55307,9 +55307,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"name\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"comment\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"name\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"comment\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"name\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"comment\") + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"<td>\" + rs.getString(\"name\") + \"</td><td>\" + rs.getString(\"comment\") + \"</td>\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"<td>\" + rs.getString(\"name\") + \"</td><td>\" + rs.getString(\"comment\") + \"</td>\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"<td>\" + rs.getString(\"name\") + \"</td><td>\" + rs.getString(\"comment\") + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -55362,7 +55362,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -55393,9 +55393,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getInt(\"userid\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"name\") +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"<td>\" + rs.getInt(\"userid\") + \"</td><td>\" + rs.getString(\"name\") +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -55448,7 +55448,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -55479,9 +55479,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 244,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -55534,7 +55534,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -55565,9 +55565,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -55620,7 +55620,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -55651,9 +55651,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") \u003e= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") >= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -55706,7 +55706,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -55737,9 +55737,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -55792,7 +55792,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -55823,9 +55823,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \u003ca href=\\\"password.jsp\\\"\u003e\" + username + \"\u003c/a\u003e\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \u003ca href=\\\"password.jsp\\\"\u003e\" + username + \"\u003c/a\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: <a href=\\\"password.jsp\\\">\" + username + \"</a>\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: <a href=\\\"password.jsp\\\">\" + username + \"</a>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -55878,7 +55878,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -55909,9 +55909,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -55964,7 +55964,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -55995,9 +55995,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 10706,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \u003c?xml version=\"1.0\" encoding=\"ISO-8859-1\"?\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** <?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -56050,7 +56050,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -56081,9 +56081,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 321,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -56136,7 +56136,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -56167,9 +56167,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -56222,7 +56222,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -56253,9 +56253,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -56308,7 +56308,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -56339,9 +56339,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -56394,7 +56394,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -56425,9 +56425,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -56480,7 +56480,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -56511,9 +56511,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -56566,7 +56566,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -56597,9 +56597,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -56652,7 +56652,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -56683,9 +56683,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -56738,7 +56738,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -56769,9 +56769,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -56824,7 +56824,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -56855,9 +56855,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -56910,7 +56910,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -56941,9 +56941,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 784,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -56996,7 +56996,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -57027,9 +57027,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -57082,7 +57082,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -57113,9 +57113,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 567,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -57168,7 +57168,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -57199,9 +57199,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -57254,7 +57254,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -57285,9 +57285,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -57340,7 +57340,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -57371,9 +57371,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -57426,7 +57426,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -57457,9 +57457,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 384,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -57512,7 +57512,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -57543,9 +57543,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -57598,7 +57598,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -57629,9 +57629,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -57684,7 +57684,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -57715,9 +57715,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -57770,7 +57770,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -57801,9 +57801,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -57856,7 +57856,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -57887,9 +57887,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -57942,7 +57942,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -57973,9 +57973,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -58028,7 +58028,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -58059,9 +58059,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -58114,7 +58114,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -58145,9 +58145,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -58200,7 +58200,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -58231,9 +58231,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -58286,7 +58286,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -58317,9 +58317,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 330,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -58372,7 +58372,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -58403,9 +58403,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \u003cinput type=\"hidden\" id=\"user\" name=\"\u003c%=username%\u003e\" value=\"\"/\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** <input type=\"hidden\" id=\"user\" name=\"<%=username%>\" value=\"\"/>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -58458,7 +58458,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -58489,9 +58489,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 10706,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -58544,7 +58544,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -58575,9 +58575,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 614,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -58630,7 +58630,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -58661,9 +58661,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -58716,7 +58716,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -58747,9 +58747,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 362,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\u003c/td\u003e\u003c/td\u003e\u003ctd align=\\\"right\\\"\u003e\" + nf.format(price) + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"</td></td><td align=\\\"right\\\">\" + nf.format(price) + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -58802,7 +58802,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -58833,9 +58833,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -58888,7 +58888,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -58919,9 +58919,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -58974,7 +58974,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -59005,9 +59005,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 244,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -59060,7 +59060,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -59091,9 +59091,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -59146,7 +59146,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -59177,9 +59177,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -59232,7 +59232,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -59263,9 +59263,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -59318,7 +59318,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -59349,9 +59349,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 352,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -59404,7 +59404,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -59435,9 +59435,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -59490,7 +59490,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -59521,9 +59521,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -59576,7 +59576,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -59607,9 +59607,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -59662,7 +59662,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -59693,9 +59693,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -59748,7 +59748,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -59779,9 +59779,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 829,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84)\n\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -59834,7 +59834,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -59865,9 +59865,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -59920,7 +59920,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -59951,9 +59951,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -60006,7 +60006,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -60037,9 +60037,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -60092,7 +60092,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -60123,9 +60123,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 10706,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -60178,7 +60178,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -60209,9 +60209,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -60264,7 +60264,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -60295,9 +60295,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -60350,7 +60350,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -60381,9 +60381,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 330,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n",
+      "description": "**Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -60436,7 +60436,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -60467,9 +60467,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -60522,7 +60522,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -60553,9 +60553,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -60608,7 +60608,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -60639,9 +60639,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\u003c/a\u003e\u003c/td\u003e\u003ctd\u003e\" + type + \"\u003c/td\u003e\u003ctd align=\\\"right\\\"\u003e\" + nf.format(price) + \"\u003c/td\u003e\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"</a></td><td>\" + type + \"</td><td align=\\\"right\\\">\" + nf.format(price) + \"</td>\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -60694,7 +60694,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -60725,9 +60725,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 329,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -60780,7 +60780,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -60811,9 +60811,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 182,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -60866,7 +60866,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -60897,9 +60897,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 646,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -60952,7 +60952,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -60983,9 +60983,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -61038,7 +61038,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -61069,9 +61069,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -61124,7 +61124,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -61155,9 +61155,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 244,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -61210,7 +61210,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -61241,9 +61241,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 338,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -61296,7 +61296,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -61327,9 +61327,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 501,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -61382,7 +61382,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -61413,9 +61413,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\u003cbr/\u003e\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\u003cbr/\u003e\" + e);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.<br/>\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.<br/>\" + e);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -61468,7 +61468,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -61499,9 +61499,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 784,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -61554,7 +61554,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -61585,9 +61585,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -61640,7 +61640,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -61671,9 +61671,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -61726,7 +61726,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -61757,9 +61757,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -61812,7 +61812,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -61843,9 +61843,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -61898,7 +61898,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -61929,9 +61929,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 10706,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -61984,7 +61984,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -62015,9 +62015,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -62070,7 +62070,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -62101,9 +62101,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 614,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -62156,7 +62156,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -62187,9 +62187,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -62242,7 +62242,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -62273,9 +62273,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** \u003ctd\u003e\u003c%=username%\u003e\u003c/td\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** <td><%=username%></td>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -62328,7 +62328,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -62359,9 +62359,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -62414,7 +62414,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -62445,9 +62445,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -62500,7 +62500,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -62531,9 +62531,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -62586,7 +62586,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -62617,9 +62617,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -62672,7 +62672,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -62703,9 +62703,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -62758,7 +62758,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -62789,9 +62789,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -62844,7 +62844,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -62875,9 +62875,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -62930,7 +62930,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -62961,9 +62961,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -63016,7 +63016,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -63047,9 +63047,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 315,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -63102,7 +63102,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -63133,9 +63133,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -63188,7 +63188,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -63219,9 +63219,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -63274,7 +63274,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -63305,9 +63305,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getInt(\"userid\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"name\") +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"<td>\" + rs.getInt(\"userid\") + \"</td><td>\" + rs.getString(\"name\") +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -63360,7 +63360,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -63391,9 +63391,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -63446,7 +63446,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -63477,9 +63477,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -63532,7 +63532,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -63563,9 +63563,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 244,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -63618,7 +63618,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -63649,9 +63649,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -63704,7 +63704,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -63735,9 +63735,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 384,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -63790,7 +63790,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -63821,9 +63821,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\u003c/TD\u003e\u003cTD\u003e\" + rs.getString(\"PRICE\") + \"\u003c/TD\u003e\u003c/TR\u003e\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\u003c/TD\u003e\u003cTD\u003e\" + rs.getString(\"PRICE\") + \"\u003c/TD\u003e\u003c/TR\u003e\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\u003cTR\u003e\u003cTD\u003e\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\u003cTR\u003e\u003cTD\u003e\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** \u003c%= output %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"</TD><TD>\" + rs.getString(\"PRICE\") + \"</TD></TR>\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"</TD><TD>\" + rs.getString(\"PRICE\") + \"</TD></TR>\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"<TR><TD>\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"<TR><TD>\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** <%= output %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -63876,7 +63876,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -63907,9 +63907,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -63962,7 +63962,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -63993,9 +63993,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -64048,7 +64048,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -64079,9 +64079,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -64134,7 +64134,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -64165,9 +64165,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 10706,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -64220,7 +64220,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -64251,9 +64251,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -64306,7 +64306,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -64337,9 +64337,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\u003c/a\u003e\u003c/td\u003e\u003ctd\u003e\" + type + \"\u003c/td\u003e\u003ctd align=\\\"right\\\"\u003e\" + nf.format(price) + \"\u003c/td\u003e\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"</a></td><td>\" + type + \"</td><td align=\\\"right\\\">\" + nf.format(price) + \"</td>\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -64392,7 +64392,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -64423,9 +64423,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -64478,7 +64478,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -64509,9 +64509,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -64564,7 +64564,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -64595,9 +64595,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -64650,7 +64650,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -64681,9 +64681,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -64736,7 +64736,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -64767,9 +64767,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -64822,7 +64822,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -64853,9 +64853,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -64908,7 +64908,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -64939,9 +64939,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 362,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\u003ctd align=\\\"right\\\"\u003e\" + nf.format(pricetopay) + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"<td align=\\\"right\\\">\" + nf.format(pricetopay) + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -64994,7 +64994,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -65025,9 +65025,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -65080,7 +65080,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -65111,9 +65111,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -65166,7 +65166,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -65197,9 +65197,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \u003cinput type=\"hidden\" id=\"user\" name=\"\u003c%=username%\u003e\" value=\"\"/\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** <input type=\"hidden\" id=\"user\" name=\"<%=username%>\" value=\"\"/>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -65252,7 +65252,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -65283,9 +65283,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 338,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -65338,7 +65338,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -65369,9 +65369,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -65424,7 +65424,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -65455,9 +65455,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -65510,7 +65510,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -65541,9 +65541,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -65596,7 +65596,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -65627,9 +65627,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -65682,7 +65682,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -65713,9 +65713,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -65768,7 +65768,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -65799,9 +65799,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 601,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** \u003ca href=\"javascript:window.location=window.location.href\"\u003eNew Search\u003c/a\u003e\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** \u003ca href=\"javascript:window.location=window.location.href\"\u003eNew Search\u003c/a\u003e\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** <a href=\"javascript:window.location=window.location.href\">New Search</a>\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** <a href=\"javascript:window.location=window.location.href\">New Search</a>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -65854,7 +65854,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -65885,9 +65885,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -65940,7 +65940,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -65971,9 +65971,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" + product + \"\u003c/a\u003e\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" + product + \"</a></td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -66026,7 +66026,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -66057,9 +66057,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 330,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -66112,7 +66112,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -66143,9 +66143,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 829,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \u003c?xml version=\"1.0\" encoding=\"ISO-8859-1\"?\u003e\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** <?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -66198,7 +66198,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -66229,9 +66229,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"\u003cscript\u003ealert(\\\"xss\\\")\u003c/script\u003e\") \u003e= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** \u003cb\u003eYou searched for:\u003c/b\u003e \u003c%= query %\u003e\u003cbr/\u003e\u003cbr/\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"<script>alert(\\\"xss\\\")</script>\") >= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** <b>You searched for:</b> <%= query %><br/><br/>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -66284,7 +66284,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -66315,9 +66315,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 614,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -66370,7 +66370,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -66401,9 +66401,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -66456,7 +66456,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -66487,9 +66487,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 321,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -66542,7 +66542,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -66573,9 +66573,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 784,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -66628,7 +66628,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -66659,9 +66659,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"name\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"comment\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"name\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"comment\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"name\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"comment\") + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"<td>\" + rs.getString(\"name\") + \"</td><td>\" + rs.getString(\"comment\") + \"</td>\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"<td>\" + rs.getString(\"name\") + \"</td><td>\" + rs.getString(\"comment\") + \"</td>\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"<td>\" + rs.getString(\"name\") + \"</td><td>\" + rs.getString(\"comment\") + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -66714,7 +66714,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -66745,9 +66745,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"type\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getInt(\"currentbasketid\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getInt(\"userid\") + \"\u003c/td\u003e\u003ctd\u003e\" + rs.getString(\"name\") +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"</td><td>\" + rs.getString(\"type\") + \"</td><td>\" + rs.getInt(\"currentbasketid\") + \"</td>\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"<td>\" + rs.getInt(\"userid\") + \"</td><td>\" + rs.getString(\"name\") +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -66800,7 +66800,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -66831,9 +66831,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 244,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -66886,7 +66886,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -66917,9 +66917,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -66972,7 +66972,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -67003,9 +67003,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") \u003e= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") >= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -67058,7 +67058,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -67089,9 +67089,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -67144,7 +67144,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -67175,9 +67175,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \u003ca href=\\\"password.jsp\\\"\u003e\" + username + \"\u003c/a\u003e\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \u003ca href=\\\"password.jsp\\\"\u003e\" + username + \"\u003c/a\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: <a href=\\\"password.jsp\\\">\" + username + \"</a>\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: <a href=\\\"password.jsp\\\">\" + username + \"</a>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -67230,7 +67230,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -67261,9 +67261,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -67316,7 +67316,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -67347,9 +67347,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 10706,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \u003c?xml version=\"1.0\" encoding=\"ISO-8859-1\"?\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** <?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -67402,7 +67402,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -67433,9 +67433,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 321,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -67488,7 +67488,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -67519,9 +67519,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -67574,7 +67574,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -67605,9 +67605,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -67660,7 +67660,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -67691,9 +67691,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\u003ctd\u003e\" + rs.getString(\"description\") + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"<td>\" + rs.getString(\"description\") + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -67746,7 +67746,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -67777,9 +67777,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -67832,7 +67832,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -67863,9 +67863,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -67918,7 +67918,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -67949,9 +67949,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -68004,7 +68004,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -68035,9 +68035,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -68090,7 +68090,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -68121,9 +68121,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -68176,7 +68176,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -68207,9 +68207,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -68262,7 +68262,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -68293,9 +68293,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 784,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -68348,7 +68348,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -68379,9 +68379,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -68434,7 +68434,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -68465,9 +68465,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 567,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -68520,7 +68520,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -68551,9 +68551,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -68606,7 +68606,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -68637,9 +68637,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -68692,7 +68692,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -68723,9 +68723,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -68778,7 +68778,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -68809,9 +68809,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 384,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -68864,7 +68864,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -68895,9 +68895,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -68950,7 +68950,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -68981,9 +68981,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 547,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -69036,7 +69036,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -69067,9 +69067,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -69122,7 +69122,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -69153,9 +69153,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -69208,7 +69208,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -69239,9 +69239,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -69294,7 +69294,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -69325,9 +69325,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -69380,7 +69380,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -69411,9 +69411,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -69466,7 +69466,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -69497,9 +69497,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100)\n\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100)\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -69552,7 +69552,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -69583,9 +69583,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -69638,7 +69638,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -69669,9 +69669,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 330,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -69724,7 +69724,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -69755,9 +69755,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \u003cinput type=\"hidden\" id=\"user\" name=\"\u003c%=username%\u003e\" value=\"\"/\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** <input type=\"hidden\" id=\"user\" name=\"<%=username%>\" value=\"\"/>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -69810,7 +69810,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -69841,9 +69841,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 10706,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -69896,7 +69896,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -69927,9 +69927,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 614,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -69982,7 +69982,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -70013,9 +70013,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -70068,7 +70068,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -70099,9 +70099,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 362,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\u003c/td\u003e\u003c/td\u003e\u003ctd align=\\\"right\\\"\u003e\" + nf.format(price) + \"\u003c/td\u003e\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"</td></td><td align=\\\"right\\\">\" + nf.format(price) + \"</td>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -70154,7 +70154,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -70185,9 +70185,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -70240,7 +70240,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -70271,9 +70271,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -70326,7 +70326,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -70357,9 +70357,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 244,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -70412,7 +70412,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -70443,9 +70443,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\u003cscript\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"\u003c/script\u003e\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"\u003ctr\u003e\u003ctd\u003e\" + comments + \"\u003c/td\u003e\u003c/tr\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"<script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 363\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 379\n**Source Object:** replace\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 20\n**Column:** 352\n**Source Object:** comments\n**Number:** 20\n**Code:** comments = comments.replace(\"</script>\", \"\");\n-----\n**Line Number:** 22\n**Column:** 363\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 379\n**Source Object:** replace\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 22\n**Column:** 352\n**Source Object:** comments\n**Number:** 22\n**Code:** comments = comments.replace(\"\\\"\", \"\");\n-----\n**Line Number:** 37\n**Column:** 378\n**Source Object:** comments\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"<tr><td>\" + comments + \"</td></tr>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -70498,7 +70498,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -70529,9 +70529,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 259,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -70584,7 +70584,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -70615,9 +70615,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 209,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -70670,7 +70670,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -70701,9 +70701,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 352,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -70756,7 +70756,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -70787,9 +70787,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -70842,7 +70842,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -70873,9 +70873,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -70928,7 +70928,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -70959,9 +70959,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 494,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=288](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=288)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=289](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=289)\n\n**Line Number:** 1\n**Column:** 680\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=288](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=288)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=289](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=289)\n\n**Line Number:** 1\n**Column:** 680\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -71014,7 +71014,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -71045,9 +71045,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 285,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=121](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=121)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=122](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=122)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=123](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=123)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=124](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=124)\n\n**Line Number:** 12\n**Column:** 383\n**Source Object:** execute\n**Number:** 12\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_ADMIN'\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=121](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=121)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=122](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=122)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=123](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=123)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=124](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=124)\n\n**Line Number:** 12\n**Column:** 383\n**Source Object:** execute\n**Number:** 12\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_ADMIN'\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -71100,7 +71100,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -71131,9 +71131,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 338,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=14](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=14)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=14](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=14)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -71186,7 +71186,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -71217,9 +71217,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 404,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=463](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=463)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=464](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=464)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=465](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=465)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=466](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=466)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=467](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=467)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=468](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=468)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=469](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=469)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=470](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=470)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=471](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=471)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=472](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=472)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=473](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=473)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=474](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=474)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=475](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=475)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=476](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=476)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=477](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=477)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=478](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=478)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=479](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=479)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=480](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=480)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=481](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=481)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=482](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=482)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=483](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=483)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=484](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=484)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=485](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=485)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=486](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=486)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=487](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=487)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=488](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=488)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=489](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=489)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=490](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=490)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=491](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=491)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=492](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=492)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=493](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=493)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=494](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=494)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=495](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=495)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=496](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=496)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=497](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=497)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=498](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=498)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=499](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=499)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=500](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=500)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=501](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=501)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=502](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=502)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=503](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=503)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=504](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=504)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=505](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=505)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=506](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=506)\n\n**Line Number:** 24\n**Column:** 377\n**Source Object:** conn\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 398\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 370\n**Source Object:** stmt\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 27\n**Column:** 353\n**Source Object:** stmt\n**Number:** 27\n**Code:** stmt.setString(1, username);\n-----\n**Line Number:** 28\n**Column:** 353\n**Source Object:** stmt\n**Number:** 28\n**Code:** stmt.setString(2, comments);\n-----\n**Line Number:** 29\n**Column:** 365\n**Source Object:** execute\n**Number:** 29\n**Code:** stmt.execute();\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=463](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=463)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=464](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=464)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=465](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=465)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=466](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=466)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=467](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=467)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=468](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=468)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=469](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=469)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=470](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=470)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=471](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=471)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=472](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=472)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=473](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=473)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=474](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=474)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=475](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=475)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=476](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=476)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=477](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=477)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=478](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=478)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=479](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=479)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=480](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=480)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=481](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=481)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=482](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=482)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=483](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=483)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=484](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=484)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=485](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=485)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=486](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=486)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=487](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=487)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=488](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=488)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=489](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=489)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=490](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=490)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=491](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=491)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=492](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=492)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=493](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=493)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=494](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=494)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=495](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=495)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=496](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=496)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=497](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=497)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=498](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=498)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=499](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=499)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=500](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=500)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=501](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=501)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=502](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=502)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=503](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=503)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=504](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=504)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=505](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=505)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=506](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=506)\n\n**Line Number:** 24\n**Column:** 377\n**Source Object:** conn\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 398\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 370\n**Source Object:** stmt\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 27\n**Column:** 353\n**Source Object:** stmt\n**Number:** 27\n**Code:** stmt.setString(1, username);\n-----\n**Line Number:** 28\n**Column:** 353\n**Source Object:** stmt\n**Number:** 28\n**Code:** stmt.setString(2, comments);\n-----\n**Line Number:** 29\n**Column:** 365\n**Source Object:** execute\n**Number:** 29\n**Code:** stmt.execute();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -71272,7 +71272,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2020-04-16",
+      "sla_expiration_date": "2024-03-17",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -71303,9 +71303,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 79,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=333](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=333)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=333](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=333)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"<br/><br/>\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -71358,7 +71358,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -71389,9 +71389,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 330,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=23](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=23)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n",
+      "description": "**Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=23](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=23)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -71444,7 +71444,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2020-03-17",
+      "sla_expiration_date": "2024-02-16",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -71475,9 +71475,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 89,
-      "date": "2019-12-18",
+      "date": "2023-11-18",
       "defect_review_requested_by": null,
-      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=339](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=339)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n",
+      "description": "**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=339](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=339)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -71530,7 +71530,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2020-01-17",
+      "sla_expiration_date": "2023-12-18",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -71561,7 +71561,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": null,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "asdf",
       "duplicate": false,
@@ -71645,7 +71645,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 1035,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer\n\nStack-based buffer overflow in LexRuby.cxx (SciLexer.dll) in Scintilla 1.73, as used by notepad++ 4.1.1 and earlier, allows user-assisted remote attackers to execute arbitrary code via certain Ruby (.rb) files with long lines.  NOTE: this was originally reported as a vulnerability in notepad++.",
       "duplicate": false,
@@ -71700,7 +71700,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-01-03",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -71731,7 +71731,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 1035,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')\n\nThe GUP generic update process in Notepad++ before 4.8.1 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update, as demonstrated by evilgrade and DNS cache poisoning.",
       "duplicate": false,
@@ -71786,7 +71786,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-01-03",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -71817,7 +71817,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\Account\\ViewAccountInfo.aspx.cs\nLine: 22\nCodeLine: ContactName is being repurposed as the foreign key to the user table.  Kludgey, I know.\n",
       "duplicate": false,
@@ -71903,7 +71903,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Medium\nDescription: The application is configured to return .NET debug information. This can provide an attacker with useful information and should not be used in a live application.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\Web.config\nLine: 25\n",
       "duplicate": false,
@@ -71958,7 +71958,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -71989,7 +71989,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Standard\nDescription: The URL used in the HTTP request appears to be loaded from a variable. Check the code manually to ensure that malicious URLs cannot be submitted by an attacker.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\PackageTracking.aspx.cs\nLine: 72\nCodeLine:             Response.Redirect(Order.GetPackageTrackingUrl(_carrier, _trackingNumber));\n",
       "duplicate": false,
@@ -72044,7 +72044,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -72075,7 +72075,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\XtremelyEvilWebApp\\StealCookies.aspx.cs\nLine: 19\nCodeLine: TODO: Mail the cookie in real time.\n",
       "duplicate": false,
@@ -72161,7 +72161,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\Infrastructure\\CustomerRepository.cs\nLine: 41\nCodeLine: TODO: Add try/catch logic\n",
       "duplicate": false,
@@ -72247,7 +72247,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\Infrastructure\\ShipperRepository.cs\nLine: 37\nCodeLine: / TODO: Use the check digit algorithms to make it realistic.\n",
       "duplicate": false,
@@ -72333,7 +72333,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Medium\nDescription: The application is configured to return .NET debug information. This can provide an attacker with useful information and should not be used in a live application.\nFileName: C:\\Projects\\WebGoat.Net\\XtremelyEvilWebApp\\Web.config\nLine: 6\n",
       "duplicate": false,
@@ -72388,7 +72388,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -72419,7 +72419,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\Product.aspx.cs\nLine: 58\nCodeLine: TODO: Put this in try/catch as well\n",
       "duplicate": false,
@@ -72505,7 +72505,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\Checkout\\Checkout.aspx.cs\nLine: 145\nCodeLine: TODO: Uncommenting this line causes EF to throw exception when creating the order.\n",
       "duplicate": false,
@@ -72591,7 +72591,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\Core\\Order.cs\nLine: 27\nCodeLine: TODO: Shipments and Payments should be singular.  Like customer.\n",
       "duplicate": false,
@@ -72677,7 +72677,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Standard\nDescription: The URL used in the HTTP request appears to be loaded from a variable. Check the code manually to ensure that malicious URLs cannot be submitted by an attacker.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\Account\\Register.aspx.cs\nLine: 35\nCodeLine:             Response.Redirect(continueUrl);\n",
       "duplicate": false,
@@ -72732,7 +72732,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -72763,7 +72763,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\Infrastructure\\BlogResponseRepository.cs\nLine: 18\nCodeLine: TODO: should put this in a try/catch\n",
       "duplicate": false,
@@ -72849,7 +72849,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\Infrastructure\\BlogEntryRepository.cs\nLine: 18\nCodeLine: TODO: should put this in a try/catch\n",
       "duplicate": false,
@@ -72935,7 +72935,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Standard\nDescription: The URL used in the HTTP request appears to be loaded from a variable. Check the code manually to ensure that malicious URLs cannot be submitted by an attacker.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\PackageTracking.aspx.cs\nLine: 25\nCodeLine:                     Response.Redirect(Order.GetPackageTrackingUrl(_carrier, _trackingNumber));\n",
       "duplicate": false,
@@ -72990,7 +72990,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -73021,7 +73021,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\Core\\Cart.cs\nLine: 16\nCodeLine: TODO: Refactor this. Use LINQ with aggregation to get SUM.\n",
       "duplicate": false,
@@ -73107,7 +73107,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\Core\\Cart.cs\nLine: 41\nCodeLine: TODO: Add ability to delete an orderDetail and to change quantities.\n",
       "duplicate": false,
@@ -73193,7 +73193,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\Product.aspx.cs\nLine: 59\nCodeLine: TODO: Feels like this is too much business logic.  Should be moved to OrderDetail constructor?\n",
       "duplicate": false,
@@ -73279,7 +73279,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Severity: Suspicious Comment\nDescription: The comment includes some wording which indicates that the developer regards it as unfinished or does not trust it to work correctly.\nFileName: C:\\Projects\\WebGoat.Net\\WebSite\\Checkout\\Checkout.aspx.cs\nLine: 102\nCodeLine: TODO: Throws an error if we don't set the date. Try to set it to null or something.\n",
       "duplicate": false,
@@ -73365,7 +73365,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/password.jsp\n\nThe page contains a form with the following action URL:\n\n  * http://localhost:8888/bodgeit/password.jsp\n\nThe form contains the following password fields with autocomplete enabled:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe page contains a form with the following action URL:\n\n  * http://localhost:8888/bodgeit/register.jsp\n\nThe form contains the following password fields with autocomplete enabled:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe page contains a form with the following action URL:\n\n  * http://localhost:8888/bodgeit/login.jsp\n\nThe form contains the following password field with autocomplete enabled:\n  * password\n\n\n\n",
       "duplicate": false,
@@ -73420,7 +73420,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -73451,7 +73451,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/logout.jsp\n\n\nURL: http://localhost:8888/\n\n\nURL: http://localhost:8888/bodgeit/search.jsp\n\n\nURL: http://localhost:8888/bodgeit/score.jsp\n\n\nURL: http://localhost:8888/bodgeit/product.jsp\n\n\nURL: http://localhost:8888/bodgeit/password.jsp\n\n\nURL: http://localhost:8888/bodgeit/home.jsp\n\n\nURL: http://localhost:8888/bodgeit/contact.jsp\n\n\nURL: http://localhost:8888/bodgeit/about.jsp\n\n\nURL: http://localhost:8888/bodgeit/admin.jsp\n\n\nURL: http://localhost:8888/bodgeit/advanced.jsp\n\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\n\nURL: http://localhost:8888/bodgeit/\n\n\n",
       "duplicate": false,
@@ -73537,9 +73537,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
-      "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto \u003cscript\u003ealert(1)\u003c/script\u003enwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 \u003cscript\u003ealert(1)\u003c/script\u003ejledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n",
+      "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto <script>alert(1)</script>nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 <script>alert(1)</script>jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": true,
@@ -73564,7 +73564,7 @@
       "line": null,
       "mitigated": null,
       "mitigated_by": null,
-      "mitigation": "\n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including \u003c \u003e \" ' and =, should be replaced with the corresponding HTML entities (\u0026lt; \u0026gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n",
+      "mitigation": "\n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > \" ' and =, should be replaced with the corresponding HTML entities (&lt; &gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n",
       "nb_occurences": null,
       "numerical_severity": "S1",
       "out_of_scope": false,
@@ -73592,7 +73592,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-01-03",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -73623,7 +73623,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/\n\n\n",
       "duplicate": false,
@@ -73678,7 +73678,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -73709,7 +73709,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\n\n",
       "duplicate": false,
@@ -73764,7 +73764,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -73795,7 +73795,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/score.jsp\n\nThe following email addresses were disclosed in the response:\n\n  * admin@thebodgeitstore.com\n  * test@thebodgeitstore.com\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe following email address was disclosed in the response:\n\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/product.jsp\n\nThe following email address was disclosed in the response:\n\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/about.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/admin.jsp\n\nThe following email addresses were disclosed in the response:\n\n  * admin@thebodgeitstore.com\n  * test@test.com\n  * test@thebodgeitstore.com\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/advanced.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\n",
       "duplicate": false,
@@ -73881,7 +73881,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/login.jsp\n\nThe request appears to be vulnerable to cross-site request forgery (CSRF) attacks against unauthenticated functionality. This is unlikely to constitute a security vulnerability in its own right, however it may facilitate exploitation of other vulnerabilities affecting application users.\n\n",
       "duplicate": false,
@@ -73967,7 +73967,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/register.jsp\n\nThe **username** parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the username parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe **username** parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the username parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe **password** parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the password parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\nThe **b_id** cookie appears to be vulnerable to SQL injection attacks. The payload **'** was submitted in the b_id cookie, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.  \n  \nThe database appears to be Microsoft SQL Server.\n\n",
       "duplicate": false,
@@ -74022,7 +74022,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-01-03",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -74053,7 +74053,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/logout.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/score.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/product.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/password.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/home.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/contact.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/admin.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/advanced.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/about.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\n",
       "duplicate": false,
@@ -74080,7 +74080,7 @@
       "line": null,
       "mitigated": null,
       "mitigated_by": null,
-      "mitigation": "\n\nThe root cause of the vulnerability can be resolved by not using path-relative URLs in style sheet imports. Aside from this, attacks can also be prevented by implementing all of the following defensive measures: \n\n  * Setting the HTTP response header \"X-Frame-Options: deny\" in all responses. One method that an attacker can use to make a page render in quirks mode is to frame it within their own page that is rendered in quirks mode. Setting this header prevents the page from being framed.\n  * Setting a modern doctype (e.g. \"\u003c!doctype html\u003e\") in all HTML responses. This prevents the page from being rendered in quirks mode (unless it is being framed, as described above).\n  * Setting the HTTP response header \"X-Content-Type-Options: no sniff\" in all responses. This prevents the browser from processing a non-CSS response as CSS, even if another page loads the response via a style sheet import.\n\n\n",
+      "mitigation": "\n\nThe root cause of the vulnerability can be resolved by not using path-relative URLs in style sheet imports. Aside from this, attacks can also be prevented by implementing all of the following defensive measures: \n\n  * Setting the HTTP response header \"X-Frame-Options: deny\" in all responses. One method that an attacker can use to make a page render in quirks mode is to frame it within their own page that is rendered in quirks mode. Setting this header prevents the page from being framed.\n  * Setting a modern doctype (e.g. \"<!doctype html>\") in all HTML responses. This prevents the page from being rendered in quirks mode (unless it is being framed, as described above).\n  * Setting the HTTP response header \"X-Content-Type-Options: no sniff\" in all responses. This prevents the browser from processing a non-CSS response as CSS, even if another page loads the response via a style sheet import.\n\n\n",
       "nb_occurences": null,
       "numerical_severity": "S4",
       "out_of_scope": false,
@@ -74139,7 +74139,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/password.jsp\n\nThe page contains a form with the following action URL, which is submitted over clear-text HTTP:\n\n  * http://localhost:8888/bodgeit/password.jsp\n\nThe form contains the following password fields:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe page contains a form with the following action URL, which is submitted over clear-text HTTP:\n\n  * http://localhost:8888/bodgeit/register.jsp\n\nThe form contains the following password fields:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe page contains a form with the following action URL, which is submitted over clear-text HTTP:\n\n  * http://localhost:8888/bodgeit/login.jsp\n\nThe form contains the following password field:\n  * password\n\n\n\n",
       "duplicate": false,
@@ -74194,7 +74194,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-01-03",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -74225,7 +74225,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/xss/xss.go\nLine number: 59\nIssue Confidence: LOW\n\nCode:\ntemplate.HTML(notFound)\n",
       "duplicate": false,
@@ -74280,7 +74280,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -74311,7 +74311,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/xss/xss.go\nLine number: 58\nIssue Confidence: LOW\n\nCode:\ntemplate.HTML(value)\n",
       "duplicate": false,
@@ -74366,7 +74366,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -74397,7 +74397,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/idor/idor.go\nLine number: 165\nIssue Confidence: HIGH\n\nCode:\nhasher.Write([]byte(text))\n",
       "duplicate": false,
@@ -74452,7 +74452,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -74483,7 +74483,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/idor/idor.go\nLine number: 82\nIssue Confidence: HIGH\n\nCode:\np.GetData(sid)\n",
       "duplicate": false,
@@ -74538,7 +74538,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -74569,7 +74569,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/sqli/function.go\nLine number: 36-39\nIssue Confidence: HIGH\n\nCode:\nfmt.Sprintf(`SELECT p.user_id, p.full_name, p.city, p.phone_number \n\t\t\t\t\t\t\t\tFROM Profile as p,Users as u \n\t\t\t\t\t\t\t\twhere p.user_id = u.id \n\t\t\t\t\t\t\t\tand u.id=%s`,uid)\n",
       "duplicate": false,
@@ -74588,7 +74588,7 @@
       "is_mitigated": false,
       "kev_date": null,
       "known_exploited": false,
-      "last_reviewed": "2021-12-06T07:07:19Z",
+      "last_reviewed": "2025-11-06T23:46:52Z",
       "last_reviewed_by": [
         "admin"
       ],
@@ -74624,7 +74624,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -74655,7 +74655,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/user/user.go\nLine number: 8\nIssue Confidence: HIGH\n\nCode:\n\"crypto/md5\"\n",
       "duplicate": false,
@@ -74710,7 +74710,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -74741,7 +74741,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/idor/idor.go\nLine number: 124\nIssue Confidence: HIGH\n\nCode:\np.GetData(sid)\n",
       "duplicate": false,
@@ -74796,7 +74796,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -74827,7 +74827,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/csa/csa.go\nLine number: 63\nIssue Confidence: HIGH\n\nCode:\nhasher.Write([]byte(text))\n",
       "duplicate": false,
@@ -74882,7 +74882,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -74913,7 +74913,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/idor/idor.go\nLine number: 164\nIssue Confidence: HIGH\n\nCode:\nmd5.New()\n",
       "duplicate": false,
@@ -74968,7 +74968,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -74999,7 +74999,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/user/user.go\nLine number: 160\nIssue Confidence: HIGH\n\nCode:\nmd5.New()\n",
       "duplicate": false,
@@ -75054,7 +75054,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -75085,7 +75085,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/util/template.go\nLine number: 35\nIssue Confidence: HIGH\n\nCode:\nw.Write(b)\n",
       "duplicate": false,
@@ -75140,7 +75140,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -75171,7 +75171,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/util/middleware/middleware.go\nLine number: 70\nIssue Confidence: HIGH\n\nCode:\nsqlmapDetected, _ := regexp.MatchString(\"sqlmap*\", userAgent)\n",
       "duplicate": false,
@@ -75226,7 +75226,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -75257,7 +75257,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/util/middleware/middleware.go\nLine number: 73\nIssue Confidence: HIGH\n\nCode:\nw.Write([]byte(\"Forbidden\"))\n",
       "duplicate": false,
@@ -75312,7 +75312,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -75343,7 +75343,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/app.go\nLine number: 79\nIssue Confidence: HIGH\n\nCode:\ns.ListenAndServe()\n",
       "duplicate": false,
@@ -75398,7 +75398,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -75429,7 +75429,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/xss/xss.go\nLine number: 62\nIssue Confidence: LOW\n\nCode:\ntemplate.HTML(value)\n",
       "duplicate": false,
@@ -75484,7 +75484,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -75515,7 +75515,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/xss/xss.go\nLine number: 63\nIssue Confidence: LOW\n\nCode:\ntemplate.HTML(vuln)\n",
       "duplicate": false,
@@ -75570,7 +75570,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -75601,9 +75601,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
-      "description": "Filename: /vagrant/go/src/govwa/setting/setting.go\nLine number: 66\nIssue Confidence: HIGH\n\nCode:\n_ = db.QueryRow(sql).Scan(\u0026version)\n",
+      "description": "Filename: /vagrant/go/src/govwa/setting/setting.go\nLine number: 66\nIssue Confidence: HIGH\n\nCode:\n_ = db.QueryRow(sql).Scan(&version)\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": false,
@@ -75656,7 +75656,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -75687,7 +75687,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/setting/setting.go\nLine number: 64\nIssue Confidence: HIGH\n\nCode:\ndb,_ := database.Connect()\n",
       "duplicate": false,
@@ -75742,7 +75742,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -75773,7 +75773,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/csa/csa.go\nLine number: 62\nIssue Confidence: HIGH\n\nCode:\nmd5.New()\n",
       "duplicate": false,
@@ -75828,7 +75828,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -75859,7 +75859,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/csa/csa.go\nLine number: 7\nIssue Confidence: HIGH\n\nCode:\n\"crypto/md5\"\n",
       "duplicate": false,
@@ -75914,7 +75914,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -75945,7 +75945,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/idor/idor.go\nLine number: 8\nIssue Confidence: HIGH\n\nCode:\n\"crypto/md5\"\n",
       "duplicate": false,
@@ -76000,7 +76000,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -76031,7 +76031,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/util/cookie.go\nLine number: 42\nIssue Confidence: HIGH\n\nCode:\ncookie, _ := r.Cookie(name)\n",
       "duplicate": false,
@@ -76086,7 +76086,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -76117,7 +76117,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/idor/idor.go\nLine number: 42\nIssue Confidence: HIGH\n\nCode:\np.GetData(sid)\n",
       "duplicate": false,
@@ -76172,7 +76172,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -76203,7 +76203,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/xss/xss.go\nLine number: 100\nIssue Confidence: LOW\n\nCode:\ntemplate.HTML(inlineJS)\n",
       "duplicate": false,
@@ -76258,7 +76258,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -76289,7 +76289,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/vulnerability/idor/idor.go\nLine number: 61\nIssue Confidence: HIGH\n\nCode:\np.GetData(sid)\n",
       "duplicate": false,
@@ -76344,7 +76344,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -76375,7 +76375,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/user/user.go\nLine number: 161\nIssue Confidence: HIGH\n\nCode:\nhasher.Write([]byte(text))\n",
       "duplicate": false,
@@ -76430,7 +76430,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -76461,7 +76461,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/util/template.go\nLine number: 41\nIssue Confidence: HIGH\n\nCode:\ntemplate.ExecuteTemplate(w, name, data)\n",
       "duplicate": false,
@@ -76516,7 +76516,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -76547,7 +76547,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "Filename: /vagrant/go/src/govwa/util/template.go\nLine number: 45\nIssue Confidence: LOW\n\nCode:\ntemplate.HTML(text)\n",
       "duplicate": false,
@@ -76602,7 +76602,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": true,
@@ -76633,7 +76633,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/password.jsp\n\nThe page contains a form with the following action URL:\n\n  * http://localhost:8888/bodgeit/password.jsp\n\nThe form contains the following password fields with autocomplete enabled:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe page contains a form with the following action URL:\n\n  * http://localhost:8888/bodgeit/register.jsp\n\nThe form contains the following password fields with autocomplete enabled:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe page contains a form with the following action URL:\n\n  * http://localhost:8888/bodgeit/login.jsp\n\nThe form contains the following password field with autocomplete enabled:\n  * password\n\n\n\n",
       "duplicate": false,
@@ -76688,7 +76688,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -76719,7 +76719,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/logout.jsp\n\n\nURL: http://localhost:8888/\n\n\nURL: http://localhost:8888/bodgeit/search.jsp\n\n\nURL: http://localhost:8888/bodgeit/score.jsp\n\n\nURL: http://localhost:8888/bodgeit/product.jsp\n\n\nURL: http://localhost:8888/bodgeit/password.jsp\n\n\nURL: http://localhost:8888/bodgeit/home.jsp\n\n\nURL: http://localhost:8888/bodgeit/contact.jsp\n\n\nURL: http://localhost:8888/bodgeit/about.jsp\n\n\nURL: http://localhost:8888/bodgeit/admin.jsp\n\n\nURL: http://localhost:8888/bodgeit/advanced.jsp\n\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\n\nURL: http://localhost:8888/bodgeit/\n\n\n",
       "duplicate": false,
@@ -76805,9 +76805,9 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
-      "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto \u003cscript\u003ealert(1)\u003c/script\u003enwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 \u003cscript\u003ealert(1)\u003c/script\u003ejledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n",
+      "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto <script>alert(1)</script>nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 <script>alert(1)</script>jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n",
       "duplicate": false,
       "duplicate_finding": null,
       "dynamic_finding": true,
@@ -76832,7 +76832,7 @@
       "line": null,
       "mitigated": null,
       "mitigated_by": null,
-      "mitigation": "\n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including \u003c \u003e \" ' and =, should be replaced with the corresponding HTML entities (\u0026lt; \u0026gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n",
+      "mitigation": "\n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > \" ' and =, should be replaced with the corresponding HTML entities (&lt; &gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n",
       "nb_occurences": null,
       "numerical_severity": "S1",
       "out_of_scope": false,
@@ -76860,7 +76860,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-01-03",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -76891,7 +76891,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/\n\n\n",
       "duplicate": false,
@@ -76946,7 +76946,7 @@
       "service": null,
       "severity": "Low",
       "severity_justification": null,
-      "sla_expiration_date": "2022-04-03",
+      "sla_expiration_date": "2026-03-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -76977,7 +76977,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\n\n",
       "duplicate": false,
@@ -77032,7 +77032,7 @@
       "service": null,
       "severity": "Medium",
       "severity_justification": null,
-      "sla_expiration_date": "2022-03-04",
+      "sla_expiration_date": "2026-02-02",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -77063,7 +77063,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/score.jsp\n\nThe following email addresses were disclosed in the response:\n\n  * admin@thebodgeitstore.com\n  * test@thebodgeitstore.com\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe following email address was disclosed in the response:\n\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/product.jsp\n\nThe following email address was disclosed in the response:\n\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/about.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/admin.jsp\n\nThe following email addresses were disclosed in the response:\n\n  * admin@thebodgeitstore.com\n  * test@test.com\n  * test@thebodgeitstore.com\n  * user1@thebodgeitstore.com\n\n\n\nURL: http://localhost:8888/bodgeit/advanced.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe following email address was disclosed in the response:\n\n  * test@test.com\n\n\n\n",
       "duplicate": false,
@@ -77149,7 +77149,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/login.jsp\n\nThe request appears to be vulnerable to cross-site request forgery (CSRF) attacks against unauthenticated functionality. This is unlikely to constitute a security vulnerability in its own right, however it may facilitate exploitation of other vulnerabilities affecting application users.\n\n",
       "duplicate": false,
@@ -77235,7 +77235,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/register.jsp\n\nThe **username** parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the username parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe **username** parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the username parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe **password** parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the password parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\nThe **b_id** cookie appears to be vulnerable to SQL injection attacks. The payload **'** was submitted in the b_id cookie, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.  \n  \nThe database appears to be Microsoft SQL Server.\n\n",
       "duplicate": false,
@@ -77290,7 +77290,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-01-03",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -77321,7 +77321,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/search.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/logout.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/score.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/product.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/password.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/home.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/contact.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/admin.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/advanced.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/basket.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/about.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\nURL: http://localhost:8888/bodgeit/\n\nThe application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.  \n  \nBurp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.\n\n",
       "duplicate": false,
@@ -77348,7 +77348,7 @@
       "line": null,
       "mitigated": null,
       "mitigated_by": null,
-      "mitigation": "\n\nThe root cause of the vulnerability can be resolved by not using path-relative URLs in style sheet imports. Aside from this, attacks can also be prevented by implementing all of the following defensive measures: \n\n  * Setting the HTTP response header \"X-Frame-Options: deny\" in all responses. One method that an attacker can use to make a page render in quirks mode is to frame it within their own page that is rendered in quirks mode. Setting this header prevents the page from being framed.\n  * Setting a modern doctype (e.g. \"\u003c!doctype html\u003e\") in all HTML responses. This prevents the page from being rendered in quirks mode (unless it is being framed, as described above).\n  * Setting the HTTP response header \"X-Content-Type-Options: no sniff\" in all responses. This prevents the browser from processing a non-CSS response as CSS, even if another page loads the response via a style sheet import.\n\n\n",
+      "mitigation": "\n\nThe root cause of the vulnerability can be resolved by not using path-relative URLs in style sheet imports. Aside from this, attacks can also be prevented by implementing all of the following defensive measures: \n\n  * Setting the HTTP response header \"X-Frame-Options: deny\" in all responses. One method that an attacker can use to make a page render in quirks mode is to frame it within their own page that is rendered in quirks mode. Setting this header prevents the page from being framed.\n  * Setting a modern doctype (e.g. \"<!doctype html>\") in all HTML responses. This prevents the page from being rendered in quirks mode (unless it is being framed, as described above).\n  * Setting the HTTP response header \"X-Content-Type-Options: no sniff\" in all responses. This prevents the browser from processing a non-CSS response as CSS, even if another page loads the response via a style sheet import.\n\n\n",
       "nb_occurences": null,
       "numerical_severity": "S4",
       "out_of_scope": false,
@@ -77407,7 +77407,7 @@
       "cvssv4": null,
       "cvssv4_score": null,
       "cwe": 0,
-      "date": "2021-12-04",
+      "date": "2025-11-04",
       "defect_review_requested_by": null,
       "description": "URL: http://localhost:8888/bodgeit/password.jsp\n\nThe page contains a form with the following action URL, which is submitted over clear-text HTTP:\n\n  * http://localhost:8888/bodgeit/password.jsp\n\nThe form contains the following password fields:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe page contains a form with the following action URL, which is submitted over clear-text HTTP:\n\n  * http://localhost:8888/bodgeit/register.jsp\n\nThe form contains the following password fields:\n  * password1\n  * password2\n\n\n\nURL: http://localhost:8888/bodgeit/login.jsp\n\nThe page contains a form with the following action URL, which is submitted over clear-text HTTP:\n\n  * http://localhost:8888/bodgeit/login.jsp\n\nThe form contains the following password field:\n  * password\n\n\n\n",
       "duplicate": false,
@@ -77462,7 +77462,7 @@
       "service": null,
       "severity": "High",
       "severity_justification": null,
-      "sla_expiration_date": "2022-01-03",
+      "sla_expiration_date": "2025-12-04",
       "sla_start_date": null,
       "sonarqube_issue": null,
       "static_finding": false,
@@ -77619,7 +77619,7 @@
       "async_updating": false,
       "business_criticality": "high",
       "created": null,
-      "description": "Accounting software is typically composed of various modules, different sections dealing with particular areas of accounting. Among the most common are:\r\n\r\n**Core modules**\r\n\r\n* Accounts receivable—where the company enters money received\r\n* Accounts payable—where the company enters its bills and pays money it owes\r\n* General ledger—the company's \"books\"\r\n* Billing—where the company produces invoices to clients/customers",
+      "description": "Accounting software is typically composed of various modules, different sections dealing with particular areas of accounting. Among the most common are:\r\n\r\n**Core modules**\r\n\r\n* Accounts receivable\u2014where the company enters money received\r\n* Accounts payable\u2014where the company enters its bills and pays money it owes\r\n* General ledger\u2014the company's \"books\"\r\n* Billing\u2014where the company produces invoices to clients/customers",
       "disable_sla_breach_notifications": false,
       "enable_full_risk_acceptance": true,
       "enable_product_tag_inheritance": false,
@@ -77673,8 +77673,8 @@
       "pgh_label": "insert",
       "pgh_obj": 3,
       "scan_type": null,
-      "target_end": "2021-03-30T00:00:00Z",
-      "target_start": "2021-03-21T00:00:00Z",
+      "target_end": "2025-02-28T16:39:33Z",
+      "target_start": "2025-02-19T16:39:33Z",
       "test_type": 1,
       "title": null,
       "updated": null,
@@ -77703,8 +77703,8 @@
       "pgh_label": "insert",
       "pgh_obj": 13,
       "scan_type": null,
-      "target_end": "2021-04-22T01:00:00Z",
-      "target_start": "2021-04-21T01:00:00Z",
+      "target_end": "2025-03-23T17:39:33Z",
+      "target_start": "2025-03-22T17:39:33Z",
       "test_type": 1,
       "title": null,
       "updated": null,
@@ -77731,8 +77731,8 @@
       "pgh_label": "insert",
       "pgh_obj": 14,
       "scan_type": null,
-      "target_end": "2021-03-30T00:00:00Z",
-      "target_start": "2021-03-21T00:00:00Z",
+      "target_end": "2025-02-28T16:39:33Z",
+      "target_start": "2025-02-19T16:39:33Z",
       "test_type": 1,
       "title": null,
       "updated": null,
@@ -77761,8 +77761,8 @@
       "pgh_label": "insert",
       "pgh_obj": 15,
       "scan_type": null,
-      "target_end": "2021-12-04T00:00:00Z",
-      "target_start": "2021-12-04T00:00:00Z",
+      "target_end": "2025-11-04T16:39:33Z",
+      "target_start": "2025-11-04T16:39:33Z",
       "test_type": 12,
       "title": null,
       "updated": "2021-12-05T12:52:37.052385054Z",
@@ -77791,8 +77791,8 @@
       "pgh_label": "insert",
       "pgh_obj": 16,
       "scan_type": null,
-      "target_end": "2021-12-04T00:00:00Z",
-      "target_start": "2021-12-04T00:00:00Z",
+      "target_end": "2025-11-04T16:39:33Z",
+      "target_start": "2025-11-04T16:39:33Z",
       "test_type": 12,
       "title": null,
       "updated": "2021-12-05T12:54:31.628385054Z",
@@ -77821,8 +77821,8 @@
       "pgh_label": "insert",
       "pgh_obj": 18,
       "scan_type": null,
-      "target_end": "2022-02-24T00:00:00Z",
-      "target_start": "2022-02-19T00:00:00Z",
+      "target_end": "2026-01-25T16:39:33Z",
+      "target_start": "2026-01-20T16:39:33Z",
       "test_type": 21,
       "title": null,
       "updated": "2021-12-05T13:17:40.492385054Z",
@@ -77879,8 +77879,8 @@
       "pgh_label": "insert",
       "pgh_obj": 20,
       "scan_type": null,
-      "target_end": "2022-01-27T00:00:00Z",
-      "target_start": "2022-01-20T00:00:00Z",
+      "target_end": "2025-12-28T16:39:33Z",
+      "target_start": "2025-12-21T16:39:33Z",
       "test_type": 1,
       "title": null,
       "updated": "2021-12-05T13:34:15.590385054Z",
@@ -77909,8 +77909,8 @@
       "pgh_label": "insert",
       "pgh_obj": 21,
       "scan_type": null,
-      "target_end": "2022-01-27T00:00:00Z",
-      "target_start": "2022-01-20T00:00:00Z",
+      "target_end": "2025-12-28T16:39:33Z",
+      "target_start": "2025-12-21T16:39:33Z",
       "test_type": 19,
       "title": null,
       "updated": "2021-12-05T13:34:29.899385054Z",
@@ -77939,8 +77939,8 @@
       "pgh_label": "insert",
       "pgh_obj": 22,
       "scan_type": null,
-      "target_end": "2022-01-27T00:00:00Z",
-      "target_start": "2022-01-20T00:00:00Z",
+      "target_end": "2025-12-28T16:39:33Z",
+      "target_start": "2025-12-21T16:39:33Z",
       "test_type": 17,
       "title": null,
       "updated": "2021-12-05T13:34:48.200385054Z",
@@ -77969,8 +77969,8 @@
       "pgh_label": "insert",
       "pgh_obj": 23,
       "scan_type": null,
-      "target_end": "2022-01-27T00:00:00Z",
-      "target_start": "2022-01-20T00:00:00Z",
+      "target_end": "2025-12-28T16:39:33Z",
+      "target_start": "2025-12-21T16:39:33Z",
       "test_type": 11,
       "title": null,
       "updated": "2021-12-05T13:35:08.304385054Z",
@@ -77999,8 +77999,8 @@
       "pgh_label": "insert",
       "pgh_obj": 25,
       "scan_type": null,
-      "target_end": "2021-12-05T00:00:00Z",
-      "target_start": "2021-12-05T00:00:00Z",
+      "target_end": "2025-11-05T16:39:33Z",
+      "target_start": "2025-11-05T16:39:33Z",
       "test_type": 17,
       "title": null,
       "updated": "2021-12-06T10:35:42.303385054Z",
@@ -78029,8 +78029,8 @@
       "pgh_label": "insert",
       "pgh_obj": 26,
       "scan_type": null,
-      "target_end": "2021-12-05T00:00:00Z",
-      "target_start": "2021-12-05T00:00:00Z",
+      "target_end": "2025-11-05T16:39:33Z",
+      "target_start": "2025-11-05T16:39:33Z",
       "test_type": 28,
       "title": null,
       "updated": "2021-12-06T10:37:12.939385054Z",
@@ -78059,8 +78059,8 @@
       "pgh_label": "insert",
       "pgh_obj": 28,
       "scan_type": null,
-      "target_end": "2021-12-05T00:00:00Z",
-      "target_start": "2021-12-05T00:00:00Z",
+      "target_end": "2025-11-05T16:39:33Z",
+      "target_start": "2025-11-05T16:39:33Z",
       "test_type": 9,
       "title": null,
       "updated": "2021-12-06T10:38:24.006385054Z",
@@ -78089,8 +78089,8 @@
       "pgh_label": "insert",
       "pgh_obj": 29,
       "scan_type": null,
-      "target_end": "2021-12-12T00:00:00Z",
-      "target_start": "2021-12-05T00:00:00Z",
+      "target_end": "2025-11-12T16:39:33Z",
+      "target_start": "2025-11-05T16:39:33Z",
       "test_type": 29,
       "title": null,
       "updated": "2021-12-06T10:45:30.478385054Z",
@@ -78119,8 +78119,8 @@
       "pgh_label": "insert",
       "pgh_obj": 30,
       "scan_type": null,
-      "target_end": "2021-12-12T00:00:00Z",
-      "target_start": "2021-12-05T00:00:00Z",
+      "target_end": "2025-11-12T16:39:33Z",
+      "target_start": "2025-11-05T16:39:33Z",
       "test_type": 3,
       "title": null,
       "updated": "2021-12-06T10:45:41.988385054Z",
@@ -78149,8 +78149,8 @@
       "pgh_label": "insert",
       "pgh_obj": 31,
       "scan_type": null,
-      "target_end": "2021-12-05T00:00:00Z",
-      "target_start": "2021-12-05T00:00:00Z",
+      "target_end": "2025-11-05T16:39:33Z",
+      "target_start": "2025-11-05T16:39:33Z",
       "test_type": 30,
       "title": null,
       "updated": "2021-12-06T10:58:24.523385054Z",
@@ -78179,8 +78179,8 @@
       "pgh_label": "insert",
       "pgh_obj": 32,
       "scan_type": null,
-      "target_end": "2021-12-05T00:00:00Z",
-      "target_start": "2021-12-05T00:00:00Z",
+      "target_end": "2025-11-05T16:39:33Z",
+      "target_start": "2025-11-05T16:39:33Z",
       "test_type": 9,
       "title": null,
       "updated": "2021-12-06T14:34:11.974385054Z",
@@ -79676,7 +79676,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (register.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S1 None None None None None c49c87192b6b4f17151a471fd9d1bf3b302bca08781d67806c6556fe720af1b0 /root/register.jsp",
+      "content": "SQL Injection (register.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S1 None None None None None c49c87192b6b4f17151a471fd9d1bf3b302bca08781d67806c6556fe720af1b0 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -79694,7 +79694,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298)\n\n N/A N/A None None  S2 None None None None None a9c3269038ed8a49c4e7576b359f61a65a3bd82c163089bc20743e5a14aa0ab5 /root/login.jsp",
+      "content": "Download of Code Without Integrity Check (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298)\n\n N/A N/A None None  S2 None None None None None a9c3269038ed8a49c4e7576b359f61a65a3bd82c163089bc20743e5a14aa0ab5 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -79712,7 +79712,7 @@
   },
   {
     "fields": {
-      "content": "Missing X Frame Options (web.xml) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84)\n\n N/A N/A None None  S3 None None None None None 418f79f7a59a306d5e46aa4af1924b64200aed234ae994dcd66485eb30bbe869 /root/WEB-INF/web.xml",
+      "content": "Missing X Frame Options (web.xml) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84)\n\n N/A N/A None None  S3 None None None None None 418f79f7a59a306d5e46aa4af1924b64200aed234ae994dcd66485eb30bbe869 /root/WEB-INF/web.xml",
       "content_type": [
         "dojo",
         "test_import"
@@ -79730,7 +79730,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (AdvancedSearch.java) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n N/A N/A None None  S3 None None None None None 21c80d580d9f1de55f6179e2a08e5684f46c9734d79cf701b2ff25e6776ccdfc /src/com/thebodgeitstore/search/AdvancedSearch.java",
+      "content": "Information Exposure Through an Error Message (AdvancedSearch.java) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n N/A N/A None None  S3 None None None None None 21c80d580d9f1de55f6179e2a08e5684f46c9734d79cf701b2ff25e6776ccdfc /src/com/thebodgeitstore/search/AdvancedSearch.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -79748,7 +79748,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (home.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None fffd29bd0973269ddbbed2e210926c04d42cb12037117261626b95bd52bcff27 /root/home.jsp",
+      "content": "Improper Resource Shutdown or Release (home.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None fffd29bd0973269ddbbed2e210926c04d42cb12037117261626b95bd52bcff27 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -79766,7 +79766,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (basket.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S1 None None None None None 3406086ac5988ee8b55f70c618daf86c21702bb3c4c00e4607e5c21c2e3d3828 /root/basket.jsp",
+      "content": "Reflected XSS All Clients (basket.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S1 None None None None None 3406086ac5988ee8b55f70c618daf86c21702bb3c4c00e4607e5c21c2e3d3828 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -79784,7 +79784,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 24e74e8be8b222cf0b17c034d03c5b43a130c2b960095eb44c55f470e50f6924 /root/register.jsp",
+      "content": "HttpOnlyCookies (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 24e74e8be8b222cf0b17c034d03c5b43a130c2b960095eb44c55f470e50f6924 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -79802,7 +79802,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None None None None a91b30b026cda759c2608e1c8216cdd13e265c030b8c47f4690cd2182e4ad166 /root/register.jsp",
+      "content": "CGI Reflected XSS All Clients (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None None None None a91b30b026cda759c2608e1c8216cdd13e265c030b8c47f4690cd2182e4ad166 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -79820,7 +79820,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None bfd9b74841c8d988d57c99353742f1e3180934ca6be2149a3fb7377329b57b33 /root/product.jsp",
+      "content": "Hardcoded password in Connection String (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None bfd9b74841c8d988d57c99353742f1e3180934ca6be2149a3fb7377329b57b33 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -79838,7 +79838,7 @@
   },
   {
     "fields": {
-      "content": "Client Insecure Randomness (encryption.js) N/A Low **Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n N/A N/A None None  S3 None None None None None 9b003338465e31c37f36b2a2d9b01bf9003d1d2631e2c409b3d19d02c93a20b6 /root/js/encryption.js",
+      "content": "Client Insecure Randomness (encryption.js) N/A Low **Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n N/A N/A None None  S3 None None None None None 9b003338465e31c37f36b2a2d9b01bf9003d1d2631e2c409b3d19d02c93a20b6 /root/js/encryption.js",
       "content_type": [
         "dojo",
         "test_import"
@@ -79856,7 +79856,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (password.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S1 None None None None None 684ee38b55ea509e6c2be4a58ec52ba5d7e0c1952e09f8c8ca2bf0675650bd8f /root/password.jsp",
+      "content": "SQL Injection (password.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S1 None None None None None 684ee38b55ea509e6c2be4a58ec52ba5d7e0c1952e09f8c8ca2bf0675650bd8f /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -79874,7 +79874,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (basket.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S1 None None None None None 99fb15b31049df2445ac3fd8729cbccbc6a19e4e410c3eb0ef95908c00b78fd7 /root/basket.jsp",
+      "content": "Stored XSS (basket.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S1 None None None None None 99fb15b31049df2445ac3fd8729cbccbc6a19e4e410c3eb0ef95908c00b78fd7 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -79892,7 +79892,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None None None None 541eb71776b2d297f9aa790c52297b4f7d26acb0bce7de33bda136fdefe43cb7 /root/home.jsp",
+      "content": "CGI Stored XSS (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None None None None 541eb71776b2d297f9aa790c52297b4f7d26acb0bce7de33bda136fdefe43cb7 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -79910,7 +79910,7 @@
   },
   {
     "fields": {
-      "content": "Not Using a Random IV with CBC Mode (AES.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n N/A N/A None None  S3 None None None None None e5ac755dbe3bfd23995c8d5a99779d188440c9e573d79b44130d90468d41439c /src/com/thebodgeitstore/util/AES.java",
+      "content": "Not Using a Random IV with CBC Mode (AES.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n N/A N/A None None  S3 None None None None None e5ac755dbe3bfd23995c8d5a99779d188440c9e573d79b44130d90468d41439c /src/com/thebodgeitstore/util/AES.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -79928,7 +79928,7 @@
   },
   {
     "fields": {
-      "content": "Collapse of Data into Unsafe Value (contact.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "Collapse of Data into Unsafe Value (contact.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "test_import"
@@ -79946,7 +79946,7 @@
   },
   {
     "fields": {
-      "content": "Stored Boundary Violation (login.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S3 None None None None None b0de3516ab323f5577e6ad94803e2ddf541214bbae868bf34e828ba3a4d966ca /root/login.jsp",
+      "content": "Stored Boundary Violation (login.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S3 None None None None None b0de3516ab323f5577e6ad94803e2ddf541214bbae868bf34e828ba3a4d966ca /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -79964,7 +79964,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 13ceb3acfb49f194493bfb0af44f5f886a9767aa1c6990c8a397af756d97209c /root/home.jsp",
+      "content": "Hardcoded password in Connection String (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 13ceb3acfb49f194493bfb0af44f5f886a9767aa1c6990c8a397af756d97209c /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -79982,7 +79982,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (password.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None None None None 8d7b5f3962f521cd5c2dc40e4ef9a7cc10cfc30efb90f4b5841e8e5463656c61 /root/password.jsp",
+      "content": "Blind SQL Injections (password.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None None None None 8d7b5f3962f521cd5c2dc40e4ef9a7cc10cfc30efb90f4b5841e8e5463656c61 /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80000,7 +80000,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (password.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None None None None 2237f06cb695ec1da91d51cab9fb037d8a9e84f1aa9ddbfeef59eef1a65af47e /root/password.jsp",
+      "content": "Heap Inspection (password.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None None None None 2237f06cb695ec1da91d51cab9fb037d8a9e84f1aa9ddbfeef59eef1a65af47e /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80018,7 +80018,7 @@
   },
   {
     "fields": {
-      "content": "Use of Cryptographically Weak PRNG (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None None None None 05880cd0576bed75819cae74abce873fdcce5f857ec95d937a458b0ca0a49195 /root/home.jsp",
+      "content": "Use of Cryptographically Weak PRNG (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None None None None 05880cd0576bed75819cae74abce873fdcce5f857ec95d937a458b0ca0a49195 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80036,7 +80036,7 @@
   },
   {
     "fields": {
-      "content": "Trust Boundary Violation (login.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S2 None None None None None 9ec4ce27f48767b96297ef3cb8eabba1814ea08a02801692a669540c5a7ce019 /root/login.jsp",
+      "content": "Trust Boundary Violation (login.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S2 None None None None None 9ec4ce27f48767b96297ef3cb8eabba1814ea08a02801692a669540c5a7ce019 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80054,7 +80054,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (admin.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n N/A N/A None None  S3 None None None None None fc95b0887dc03b9f29f45b95aeb41e7f681dc28388279d7e11c233d3b5235c00 /root/admin.jsp",
+      "content": "Information Exposure Through an Error Message (admin.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n N/A N/A None None  S3 None None None None None fc95b0887dc03b9f29f45b95aeb41e7f681dc28388279d7e11c233d3b5235c00 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80072,7 +80072,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n N/A N/A None None  S3 None None None None None bae03653ab0823182626d77d8ba94f2fab26eccdde7bcb11ddd0fb8dee79d717 /root/basket.jsp",
+      "content": "Reliance on Cookies in a Decision (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n N/A N/A None None  S3 None None None None None bae03653ab0823182626d77d8ba94f2fab26eccdde7bcb11ddd0fb8dee79d717 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80090,7 +80090,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None ae4e2ef51220be9b4ca71ee34ae9d174d093e6dd2da41951bc4ad2139a4dad3f /root/product.jsp",
+      "content": "Empty Password In Connection String (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None ae4e2ef51220be9b4ca71ee34ae9d174d093e6dd2da41951bc4ad2139a4dad3f /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80108,7 +80108,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (password.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None None None None c69d0a9ead39b5990a429c6ed185050ffadfda672b020ac6e7322ef02e72563a /root/password.jsp",
+      "content": "Improper Resource Access Authorization (password.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None None None None c69d0a9ead39b5990a429c6ed185050ffadfda672b020ac6e7322ef02e72563a /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80126,7 +80126,7 @@
   },
   {
     "fields": {
-      "content": "Client Cross Frame Scripting Attack (advanced.jsp) N/A Medium **Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None 51b52607f2a5915cd128ba4e24ce8e22ba019757f074a0ebc27c33d91a55378b /root/advanced.jsp",
+      "content": "Client Cross Frame Scripting Attack (advanced.jsp) N/A Medium **Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None None None None 51b52607f2a5915cd128ba4e24ce8e22ba019757f074a0ebc27c33d91a55378b /root/advanced.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80144,7 +80144,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None d947020e418c747ee99a0accd491030f65895189aefea2a96a390b3e843a9905 /root/password.jsp",
+      "content": "Hardcoded password in Connection String (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None d947020e418c747ee99a0accd491030f65895189aefea2a96a390b3e843a9905 /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80162,7 +80162,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies In Config (web.xml) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65)\n\n N/A N/A None None  S2 None None None None None b29d81fdf7a5477a7badd1a47406a27deb12b90d0b3db17f567344d1ec24e65c /root/WEB-INF/web.xml",
+      "content": "HttpOnlyCookies In Config (web.xml) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65)\n\n N/A N/A None None  S2 None None None None None b29d81fdf7a5477a7badd1a47406a27deb12b90d0b3db17f567344d1ec24e65c /root/WEB-INF/web.xml",
       "content_type": [
         "dojo",
         "test_import"
@@ -80180,7 +80180,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (AdvancedSearch.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 514c8fbd9da03f03f770c9e0ca12d8bb20db50f3a836b4d50f16e0d75b0cca08 /src/com/thebodgeitstore/search/AdvancedSearch.java",
+      "content": "Improper Resource Shutdown or Release (AdvancedSearch.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 514c8fbd9da03f03f770c9e0ca12d8bb20db50f3a836b4d50f16e0d75b0cca08 /src/com/thebodgeitstore/search/AdvancedSearch.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -80198,7 +80198,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (login.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None None None None 0441fee04d6e24c168f5b4b567cc31174f464330f27638f83f80ee87d0d3dc03 /root/login.jsp",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (login.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None None None None 0441fee04d6e24c168f5b4b567cc31174f464330f27638f83f80ee87d0d3dc03 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80216,7 +80216,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None None None None 7be257602d73f6146bbd1c6c4ab4970db0867933a1d2e87675770529b841d800 /root/login.jsp",
+      "content": "CGI Reflected XSS All Clients (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None None None None 7be257602d73f6146bbd1c6c4ab4970db0867933a1d2e87675770529b841d800 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80234,7 +80234,7 @@
   },
   {
     "fields": {
-      "content": "Suspected XSS (password.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** \u003ctd\u003e\u003c%=username%\u003e\u003c/td\u003e\n-----\n N/A N/A None None  S3 None None None None None ff922242dd15286d81f09888a33ad571eca598b615bf4d4b9024af17df42bc17 /root/password.jsp",
+      "content": "Suspected XSS (password.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** <td><%=username%></td>\n-----\n N/A N/A None None  S3 None None None None None ff922242dd15286d81f09888a33ad571eca598b615bf4d4b9024af17df42bc17 /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80252,7 +80252,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (contact.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 964aeee36e5998da77d3229f43830d362838d860d9e30c415fb58e9686a49625 /root/contact.jsp",
+      "content": "Hardcoded password in Connection String (contact.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 964aeee36e5998da77d3229f43830d362838d860d9e30c415fb58e9686a49625 /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80270,7 +80270,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (dbconnection.jspf) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None e57ed13a66f4041fa377af4db5110a50a8f4a67e0c7c2b3e955e4118844a2904 /root/dbconnection.jspf",
+      "content": "Hardcoded password in Connection String (dbconnection.jspf) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None e57ed13a66f4041fa377af4db5110a50a8f4a67e0c7c2b3e955e4118844a2904 /root/dbconnection.jspf",
       "content_type": [
         "dojo",
         "test_import"
@@ -80288,7 +80288,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107)\n\n N/A N/A None None  S3 None None None None None 8fc3621137e4dd32d75801ac6948909b20f671d21ed9dfe89d0e2f49a2554653 /root/register.jsp",
+      "content": "Empty Password In Connection String (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107)\n\n N/A N/A None None  S3 None None None None None 8fc3621137e4dd32d75801ac6948909b20f671d21ed9dfe89d0e2f49a2554653 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80306,7 +80306,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 3988a18fe8f515ab1f92c649f43f20d33e8e8692d00a9dc80f2863342b522698 /root/home.jsp",
+      "content": "Download of Code Without Integrity Check (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 3988a18fe8f515ab1f92c649f43f20d33e8e8692d00a9dc80f2863342b522698 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80324,7 +80324,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None cfc58944e3181521dc3a9ec917dcb54d7a54ebbf3f0e8aaca7fec60a05485c63 /root/home.jsp",
+      "content": "Information Exposure Through an Error Message (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None cfc58944e3181521dc3a9ec917dcb54d7a54ebbf3f0e8aaca7fec60a05485c63 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80342,7 +80342,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (login.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S1 None None None None None 9878411e3b89bc832e58fa15e46d19e2e607309d3df9f152114d5ff62f95f0ce /root/login.jsp",
+      "content": "SQL Injection (login.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S1 None None None None None 9878411e3b89bc832e58fa15e46d19e2e607309d3df9f152114d5ff62f95f0ce /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80360,7 +80360,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (advanced.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S3 None None None None None 35055620006745673ffba1cb3c1e8c09a9fd59f6438e6d45fbbb222a10968120 /root/advanced.jsp",
+      "content": "Empty Password In Connection String (advanced.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S3 None None None None None 35055620006745673ffba1cb3c1e8c09a9fd59f6438e6d45fbbb222a10968120 /root/advanced.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80378,7 +80378,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (score.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S2 None None None None None 60fff62e2e1d2383da91886a96d64905e184a3044037dc2595c3ccf28faacd6c /root/score.jsp",
+      "content": "CGI Stored XSS (score.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S2 None None None None None 60fff62e2e1d2383da91886a96d64905e184a3044037dc2595c3ccf28faacd6c /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80396,7 +80396,7 @@
   },
   {
     "fields": {
-      "content": "Plaintext Storage in a Cookie (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None None None None c81c73f4bd1bb970a016bd7e5f1979af8d05eac71f387b2da9bd4affcaf13f81 /root/basket.jsp",
+      "content": "Plaintext Storage in a Cookie (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None None None None c81c73f4bd1bb970a016bd7e5f1979af8d05eac71f387b2da9bd4affcaf13f81 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80414,7 +80414,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (contact.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n N/A N/A None None  S3 None None None None None 1e74e0c4e0572c6bb5aaee26176b8a40ce024325bbffea1ddbb120bab9d9542c /root/contact.jsp",
+      "content": "Information Exposure Through an Error Message (contact.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n N/A N/A None None  S3 None None None None None 1e74e0c4e0572c6bb5aaee26176b8a40ce024325bbffea1ddbb120bab9d9542c /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80432,7 +80432,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None 4568d7e34ac50ab291c955c8acb368e5abe73de05bd3080e2efc7b00f329600f /root/basket.jsp",
+      "content": "Hardcoded password in Connection String (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n N/A N/A None None  S2 None None None None None 4568d7e34ac50ab291c955c8acb368e5abe73de05bd3080e2efc7b00f329600f /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80450,7 +80450,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (admin.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S1 None None None None None 1f91fef184e69387463ce9719fe9756145e16e76d39609aa5fa3e0eaa1274d05 /root/admin.jsp",
+      "content": "Stored XSS (admin.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S1 None None None None None 1f91fef184e69387463ce9719fe9756145e16e76d39609aa5fa3e0eaa1274d05 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80468,7 +80468,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (admin.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 75a93a572c186be5fe7f5221a64306b5b35dddf605b5e231ffc74442bd3728a4 /root/admin.jsp",
+      "content": "Download of Code Without Integrity Check (admin.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 75a93a572c186be5fe7f5221a64306b5b35dddf605b5e231ffc74442bd3728a4 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80486,7 +80486,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (init.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None afd07fc450ae8609c93797c8fd893028f7d8a9841999facd0a08236696c05841 /root/init.jsp",
+      "content": "Empty Password In Connection String (init.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None afd07fc450ae8609c93797c8fd893028f7d8a9841999facd0a08236696c05841 /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80504,7 +80504,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (login.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n N/A N/A None None  S2 None None None None None 78439e5edd436844bb6dc527f6effe0836b88b0fb946747b7f957da95b479fc2 /root/login.jsp",
+      "content": "Heap Inspection (login.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n N/A N/A None None  S2 None None None None None 78439e5edd436844bb6dc527f6effe0836b88b0fb946747b7f957da95b479fc2 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80522,7 +80522,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 92b54561d5d262a88920162ba7bf19fc0444975582be837047cab5d79c992447 /root/product.jsp",
+      "content": "Download of Code Without Integrity Check (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 92b54561d5d262a88920162ba7bf19fc0444975582be837047cab5d79c992447 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80540,7 +80540,7 @@
   },
   {
     "fields": {
-      "content": "Session Fixation (AdvancedSearch.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n N/A N/A None None  S2 None None None None None f24533b1fc628061c2037eb55ffe66aed6bfa2436fadaf6e424e4905ed238e21 /src/com/thebodgeitstore/search/AdvancedSearch.java",
+      "content": "Session Fixation (AdvancedSearch.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n N/A N/A None None  S2 None None None None None f24533b1fc628061c2037eb55ffe66aed6bfa2436fadaf6e424e4905ed238e21 /src/com/thebodgeitstore/search/AdvancedSearch.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -80558,7 +80558,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (search.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** \u003c%= output %\u003e\n-----\n N/A N/A None None  S1 None None None None None 38321299050d31a3b8168316e30316d786236785a9c31427fb6f2631d3065a7c /root/search.jsp",
+      "content": "Stored XSS (search.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** <%= output %>\n-----\n N/A N/A None None  S1 None None None None None 38321299050d31a3b8168316e30316d786236785a9c31427fb6f2631d3065a7c /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80576,7 +80576,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (dbconnection.jspf) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None 24cd9b35200f9ca729fcccb8348baccd2ddfeee2f22177fd40e46931f8547659 /root/dbconnection.jspf",
+      "content": "Empty Password In Connection String (dbconnection.jspf) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None 24cd9b35200f9ca729fcccb8348baccd2ddfeee2f22177fd40e46931f8547659 /root/dbconnection.jspf",
       "content_type": [
         "dojo",
         "test_import"
@@ -80594,7 +80594,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (init.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 148a501a59e0d04eb52b5cd58b4d654b4a7883e8ad09dcd5801e775113a1000d /root/init.jsp",
+      "content": "Hardcoded password in Connection String (init.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 148a501a59e0d04eb52b5cd58b4d654b4a7883e8ad09dcd5801e775113a1000d /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80612,7 +80612,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "Reflected XSS All Clients (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "test_import"
@@ -80630,7 +80630,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 06cd6507296edca41e97d652a873c31230bf98fa8bdeab477fedb680ff606932 /root/basket.jsp",
+      "content": "HttpOnlyCookies (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 06cd6507296edca41e97d652a873c31230bf98fa8bdeab477fedb680ff606932 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80648,7 +80648,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305)\n\n N/A N/A None None  S2 None None None None None 62f3875efdcf326015adee1ecd85c4ecdca5bc9c4719e5c9177dff8b0afffa1f /root/register.jsp",
+      "content": "Download of Code Without Integrity Check (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305)\n\n N/A N/A None None  S2 None None None None None 62f3875efdcf326015adee1ecd85c4ecdca5bc9c4719e5c9177dff8b0afffa1f /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80666,7 +80666,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (home.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None None None None 0007a2df1ab7dc00f2144451d894f513c7d872e1153a0759982a8c866001cc02 /root/home.jsp",
+      "content": "Stored XSS (home.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None None None None 0007a2df1ab7dc00f2144451d894f513c7d872e1153a0759982a8c866001cc02 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80684,7 +80684,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None 7dba1c0820d0f6017ca3333f7f9a8865a862604c4b13a1eed04666c6e364fa36 /root/home.jsp",
+      "content": "Empty Password In Connection String (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None 7dba1c0820d0f6017ca3333f7f9a8865a862604c4b13a1eed04666c6e364fa36 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80702,7 +80702,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (register.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None None None None 95568708fa568cc74c7ef8279b87869ebc932305da1878dbb1b7597c75a57bc1 /root/register.jsp",
+      "content": "Reflected XSS All Clients (register.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None None None None 95568708fa568cc74c7ef8279b87869ebc932305da1878dbb1b7597c75a57bc1 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80720,7 +80720,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None b037e71624f50f74cfbd0f0cd561daa1e87b1ac3690b19b1d3fe3c36ef452628 /root/product.jsp",
+      "content": "Improper Resource Access Authorization (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None b037e71624f50f74cfbd0f0cd561daa1e87b1ac3690b19b1d3fe3c36ef452628 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80738,7 +80738,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 945eb840563ed9b29b08ff0838d391e775d2e45f26817ad0b321b41e608564cf /root/password.jsp",
+      "content": "Download of Code Without Integrity Check (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 945eb840563ed9b29b08ff0838d391e775d2e45f26817ad0b321b41e608564cf /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80756,7 +80756,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (score.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307)\n\n N/A N/A None None  S2 None None None None None 6e270eb7494286a67571f0d33112e997365a0de45a119ef8199d270c32d806ab /root/score.jsp",
+      "content": "Download of Code Without Integrity Check (score.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307)\n\n N/A N/A None None  S2 None None None None None 6e270eb7494286a67571f0d33112e997365a0de45a119ef8199d270c32d806ab /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80774,7 +80774,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n N/A N/A None None  S3 None None None None None 76a4b74903cac92c02f0d0c7eca32f417f6ce4a3fb04f16eff17cfc0e8f8df7f /root/basket.jsp",
+      "content": "Improper Resource Access Authorization (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n N/A N/A None None  S3 None None None None None 76a4b74903cac92c02f0d0c7eca32f417f6ce4a3fb04f16eff17cfc0e8f8df7f /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80792,7 +80792,7 @@
   },
   {
     "fields": {
-      "content": "Race Condition Format Flaw (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\" + nf.format(pricetopay) + \"\");\n-----\n N/A N/A None None  S3 None None None None None 3db6ca06969817d45acccd02c0ba65067c1e11e9d4d7c34c7301612e63b2f75a /root/basket.jsp",
+      "content": "Race Condition Format Flaw (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\" + nf.format(pricetopay) + \"\");\n-----\n N/A N/A None None  S3 None None None None None 3db6ca06969817d45acccd02c0ba65067c1e11e9d4d7c34c7301612e63b2f75a /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80810,7 +80810,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n N/A N/A None None  S3 None None None None None 66ad49b768c1dcb417d1047d6a3e134473f45969fdc41c529a37088dec29804e /root/header.jsp",
+      "content": "Empty Password In Connection String (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n N/A N/A None None  S3 None None None None None 66ad49b768c1dcb417d1047d6a3e134473f45969fdc41c529a37088dec29804e /root/header.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80828,7 +80828,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (FunctionalZAP.java) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n N/A N/A None None  S3 None None None None None 174ea52e3d43e0e3089705762ecd259a74bdb4c592473a8c4615c8d37e840725 /src/com/thebodgeitstore/selenium/tests/FunctionalZAP.java",
+      "content": "Improper Resource Access Authorization (FunctionalZAP.java) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n N/A N/A None None  S3 None None None None None 174ea52e3d43e0e3089705762ecd259a74bdb4c592473a8c4615c8d37e840725 /src/com/thebodgeitstore/selenium/tests/FunctionalZAP.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -80846,7 +80846,7 @@
   },
   {
     "fields": {
-      "content": "Suspected XSS (contact.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S3 None None None None None cecce89612fa88ff6270b822a8840911536f983c5ab580f5e7df0ec93a95884a /root/contact.jsp",
+      "content": "Suspected XSS (contact.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S3 None None None None None cecce89612fa88ff6270b822a8840911536f983c5ab580f5e7df0ec93a95884a /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80864,7 +80864,7 @@
   },
   {
     "fields": {
-      "content": "Use of Cryptographically Weak PRNG (init.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None afa0b4d8453f20629d5863f0cb1b8d4e31bf2e8c4476db973a78731ffcf08bd2 /root/init.jsp",
+      "content": "Use of Cryptographically Weak PRNG (init.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None afa0b4d8453f20629d5863f0cb1b8d4e31bf2e8c4476db973a78731ffcf08bd2 /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80882,7 +80882,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None None None None 1aec22aeffa8b6201ad60b0a0d2b166ddbaefca6ab534bbc4d2a827bc02f5c20 /root/product.jsp",
+      "content": "CGI Stored XSS (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None None None None 1aec22aeffa8b6201ad60b0a0d2b166ddbaefca6ab534bbc4d2a827bc02f5c20 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80900,7 +80900,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (init.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None 2a7f9ff0b80ef53370128384650fe897d773383109c7d171159cbfbc232476e2 /root/init.jsp",
+      "content": "Improper Resource Shutdown or Release (init.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None 2a7f9ff0b80ef53370128384650fe897d773383109c7d171159cbfbc232476e2 /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80918,7 +80918,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (header.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n N/A N/A None None  S2 None None None None None bef5f29fc5d5f44cef3dd5db1aaeeb5f2e5d7480a197045e6d176f0ab26b5fa2 /root/header.jsp",
+      "content": "Download of Code Without Integrity Check (header.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n N/A N/A None None  S2 None None None None None bef5f29fc5d5f44cef3dd5db1aaeeb5f2e5d7480a197045e6d176f0ab26b5fa2 /root/header.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80936,7 +80936,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80954,7 +80954,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None None None None 2de5b8ed091eaaf750260b056239152b81363c790977699374b03d93e1d28551 /root/login.jsp",
+      "content": "Blind SQL Injections (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None None None None 2de5b8ed091eaaf750260b056239152b81363c790977699374b03d93e1d28551 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80972,7 +80972,7 @@
   },
   {
     "fields": {
-      "content": "Client DOM Open Redirect (advanced.jsp) N/A Low **Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** New Search\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** New Search\n-----\n N/A N/A None None  S3 None None None None None 3173d904f9ac1a4779a3b5fd52f271e6a7871d6cb5387d2ced15025a4a15db93 /root/advanced.jsp",
+      "content": "Client DOM Open Redirect (advanced.jsp) N/A Low **Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** New Search\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** New Search\n-----\n N/A N/A None None  S3 None None None None None 3173d904f9ac1a4779a3b5fd52f271e6a7871d6cb5387d2ced15025a4a15db93 /root/advanced.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -80990,7 +80990,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (search.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None 775723c89fdaed1cc6b85ecc489c028159d261e95e7ad4ad80d03ddd63bc99ea /root/search.jsp",
+      "content": "Hardcoded password in Connection String (search.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S2 None None None None None 775723c89fdaed1cc6b85ecc489c028159d261e95e7ad4ad80d03ddd63bc99ea /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81008,7 +81008,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S2 None None None None None 9e3aa3082f7d93e52f9bfe97630e9fd6f6c04c5791dd22505ab238d1a6bf9242 /root/basket.jsp",
+      "content": "CGI Stored XSS (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S2 None None None None None 9e3aa3082f7d93e52f9bfe97630e9fd6f6c04c5791dd22505ab238d1a6bf9242 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81026,7 +81026,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (init.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 2fe1558daec12a621f0504714bee44be8d382a57c7cdda160ddad8a2e8b8ca48 /root/init.jsp",
+      "content": "Use of Insufficiently Random Values (init.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 2fe1558daec12a621f0504714bee44be8d382a57c7cdda160ddad8a2e8b8ca48 /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81044,7 +81044,7 @@
   },
   {
     "fields": {
-      "content": "Missing X Frame Options (web.xml) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S3 None None None None None 5fb0f064b2f7098c57e1115b391bf7a6eb57feae63c2848b916a5b79dccf66f3 /build/WEB-INF/web.xml",
+      "content": "Missing X Frame Options (web.xml) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S3 None None None None None 5fb0f064b2f7098c57e1115b391bf7a6eb57feae63c2848b916a5b79dccf66f3 /build/WEB-INF/web.xml",
       "content_type": [
         "dojo",
         "test_import"
@@ -81062,7 +81062,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (search.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"alert(\\\"xss\\\")\") \u003e= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** You searched for: \u003c%= query %\u003e\n-----\n N/A N/A None None  S1 None None None None None 86efaa45244686266a1c4f1aef52d60ce791dd4cb64feebe5b214db5838b8e06 /root/search.jsp",
+      "content": "Reflected XSS All Clients (search.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"alert(\\\"xss\\\")\") >= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** You searched for: <%= query %>\n-----\n N/A N/A None None  S1 None None None None None 86efaa45244686266a1c4f1aef52d60ce791dd4cb64feebe5b214db5838b8e06 /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81080,7 +81080,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (basket.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None None None None 7d988ddc1b32f65ada9bd17516943b28e33458ea570ce92843bdb49e7a7e22fb /root/basket.jsp",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (basket.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None None None None 7d988ddc1b32f65ada9bd17516943b28e33458ea570ce92843bdb49e7a7e22fb /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81098,7 +81098,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 1c24c0fc04774515bc6dc38386250282055e0585ae71b405586b552ca04b31c9 /root/score.jsp",
+      "content": "Information Exposure Through an Error Message (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 1c24c0fc04774515bc6dc38386250282055e0585ae71b405586b552ca04b31c9 /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81116,7 +81116,7 @@
   },
   {
     "fields": {
-      "content": "Use of Hard coded Cryptographic Key (AdvancedSearch.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n N/A N/A None None  S2 None None None None None d68d7152bc4b3f069aa236ff41cab28da77d7e668b77cb4de10ae8bf7a2e85be /src/com/thebodgeitstore/search/AdvancedSearch.java",
+      "content": "Use of Hard coded Cryptographic Key (AdvancedSearch.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n N/A N/A None None  S2 None None None None None d68d7152bc4b3f069aa236ff41cab28da77d7e668b77cb4de10ae8bf7a2e85be /src/com/thebodgeitstore/search/AdvancedSearch.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -81134,7 +81134,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (register.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None None None None 84c57ed3e3723016b9425c8549bd0faab967538a59e072c2dc5c85974a72bf41 /root/register.jsp",
+      "content": "Reliance on Cookies in a Decision (register.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None None None None 84c57ed3e3723016b9425c8549bd0faab967538a59e072c2dc5c85974a72bf41 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81152,7 +81152,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n N/A N/A None None  S1 None None None None None 2dc7787335253be93ebb64d3ad632116363f3a5821c070db4cc28c18a0eee09e /root/contact.jsp",
+      "content": "Stored XSS (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n N/A N/A None None  S1 None None None None None 2dc7787335253be93ebb64d3ad632116363f3a5821c070db4cc28c18a0eee09e /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81170,7 +81170,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (admin.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S2 None None None None None 45fe7a9d8b946b2cbc6aaf8b5e36608cc629e5f388f91433664d3c2f19a29991 /root/admin.jsp",
+      "content": "CGI Stored XSS (admin.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S2 None None None None None 45fe7a9d8b946b2cbc6aaf8b5e36608cc629e5f388f91433664d3c2f19a29991 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81188,7 +81188,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (register.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None None None None 6e5f6914b0e963152cff1f6b9fe1c39a2f177979e6885bdbac5bd88f1d40d8cd /root/register.jsp",
+      "content": "Heap Inspection (register.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None None None None 6e5f6914b0e963152cff1f6b9fe1c39a2f177979e6885bdbac5bd88f1d40d8cd /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81206,7 +81206,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (search.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 763571cd8b09d88baae5cc8bc9d755e2401e204c335894933401186d14be3992 /root/search.jsp",
+      "content": "Improper Resource Shutdown or Release (search.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 763571cd8b09d88baae5cc8bc9d755e2401e204c335894933401186d14be3992 /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81224,7 +81224,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") \u003e= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 508298807b8bd2787b58a49d31bd3f056293c7656e8936eb2e478b3636fa5e19 /root/register.jsp",
+      "content": "Information Exposure Through an Error Message (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") >= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 508298807b8bd2787b58a49d31bd3f056293c7656e8936eb2e478b3636fa5e19 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81242,7 +81242,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (init.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None 1544a01109756bdb265135b3dbc4efca3a22c8d19fa9b50407c94760f04d5610 /root/init.jsp",
+      "content": "Improper Resource Access Authorization (init.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None 1544a01109756bdb265135b3dbc4efca3a22c8d19fa9b50407c94760f04d5610 /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81260,7 +81260,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (header.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n N/A N/A None None  S2 None None None None None d6251c8822044d55511b364098e264ca2113391d999c6aefe5c1cca3743e2f2d /root/header.jsp",
+      "content": "CGI Stored XSS (header.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n N/A N/A None None  S2 None None None None None d6251c8822044d55511b364098e264ca2113391d999c6aefe5c1cca3743e2f2d /root/header.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81278,7 +81278,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None None None None f8234be5bed59174a5f1f4efef0acb152b788f55c1804e2abbc185fe69ceea31 /root/basket.jsp",
+      "content": "Blind SQL Injections (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None None None None f8234be5bed59174a5f1f4efef0acb152b788f55c1804e2abbc185fe69ceea31 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81296,7 +81296,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies In Config (web.xml) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S2 None None None None None 7d3502f71ea947677c3ae5e39ae8da99c7024c3820a1c546bbdfe3ea4a0fdfc0 /build/WEB-INF/web.xml",
+      "content": "HttpOnlyCookies In Config (web.xml) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S2 None None None None None 7d3502f71ea947677c3ae5e39ae8da99c7024c3820a1c546bbdfe3ea4a0fdfc0 /build/WEB-INF/web.xml",
       "content_type": [
         "dojo",
         "test_import"
@@ -81314,7 +81314,7 @@
   },
   {
     "fields": {
-      "content": "Use of Hard coded Cryptographic Key (AES.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n N/A N/A None None  S2 None None None None None 779b4fe3dd494b8c323ddb7cb879f60051ac263904a16ac65af5a210cf797c0b /src/com/thebodgeitstore/util/AES.java",
+      "content": "Use of Hard coded Cryptographic Key (AES.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n N/A N/A None None  S2 None None None None None 779b4fe3dd494b8c323ddb7cb879f60051ac263904a16ac65af5a210cf797c0b /src/com/thebodgeitstore/util/AES.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -81332,7 +81332,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (score.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 326fbad527801598a49946804f53bff975023eeb4c7c992932611d45d0b46201 /root/score.jsp",
+      "content": "Improper Resource Shutdown or Release (score.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 326fbad527801598a49946804f53bff975023eeb4c7c992932611d45d0b46201 /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81350,7 +81350,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S2 None None None None None d818b17afca02a70991162f0cf5fbb16d2fef322b72c5c77b4c32bd209b3dc02 /root/basket.jsp",
+      "content": "CGI Reflected XSS All Clients (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S2 None None None None None d818b17afca02a70991162f0cf5fbb16d2fef322b72c5c77b4c32bd209b3dc02 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81368,7 +81368,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (score.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S1 None None None None None 926d5bb4d3abbed178afd6c5ffb752e6774908ad90893262c187e71e3197f31d /root/score.jsp",
+      "content": "Stored XSS (score.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S1 None None None None None 926d5bb4d3abbed178afd6c5ffb752e6774908ad90893262c187e71e3197f31d /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81386,7 +81386,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None cfa4c706348e59de8b65228daccc21474abf67877a50dec0efa031e947d2e3bd /root/basket.jsp",
+      "content": "Information Exposure Through an Error Message (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None cfa4c706348e59de8b65228daccc21474abf67877a50dec0efa031e947d2e3bd /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81404,7 +81404,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n N/A N/A None None  S3 None None None None None b493926fdab24fe92c9c28363e72429e66631bd5056f574ddefb983212933d10 /root/search.jsp",
+      "content": "Improper Resource Access Authorization (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n N/A N/A None None  S3 None None None None None b493926fdab24fe92c9c28363e72429e66631bd5056f574ddefb983212933d10 /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81422,7 +81422,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 40f3e776293c5c19ac7b521181adfef56ed09288fa417f519d1cc6071cba8a17 /root/home.jsp",
+      "content": "Improper Resource Access Authorization (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 40f3e776293c5c19ac7b521181adfef56ed09288fa417f519d1cc6071cba8a17 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81440,7 +81440,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (admin.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 8332e5bd42770868b5db865ca9017c31fcea5a91cff250c4341dc73ed5fdb6e6 /root/admin.jsp",
+      "content": "Improper Resource Shutdown or Release (admin.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 8332e5bd42770868b5db865ca9017c31fcea5a91cff250c4341dc73ed5fdb6e6 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81458,7 +81458,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 641ba17f6201ed5f40524a90c0e0fc03d8a4731528be567b639362cef3f20ef2 /root/search.jsp",
+      "content": "Information Exposure Through an Error Message (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 641ba17f6201ed5f40524a90c0e0fc03d8a4731528be567b639362cef3f20ef2 /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81476,7 +81476,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None None None None c3fb1583f06a0ce7bee2084607680b357d63dd8f9cc56d5d09f0601a3c62a336 /root/register.jsp",
+      "content": "Blind SQL Injections (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None None None None c3fb1583f06a0ce7bee2084607680b357d63dd8f9cc56d5d09f0601a3c62a336 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81494,7 +81494,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (login.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None None None None 11b43c1ce56100d6a92b74b27d6e6901f3822b44c4b6e8437a7622f71c3a58a9 /root/login.jsp",
+      "content": "Reliance on Cookies in a Decision (login.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None None None None 11b43c1ce56100d6a92b74b27d6e6901f3822b44c4b6e8437a7622f71c3a58a9 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81512,7 +81512,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (search.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None 7a001d11b5d7d20f5215658fc735a31e530696faddeae3eacf81662d4870e89a /root/search.jsp",
+      "content": "Download of Code Without Integrity Check (search.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S2 None None None None None 7a001d11b5d7d20f5215658fc735a31e530696faddeae3eacf81662d4870e89a /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81530,7 +81530,7 @@
   },
   {
     "fields": {
-      "content": "Unsynchronized Access To Shared Data (AdvancedSearch.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n N/A N/A None None  S3 None None None None None dc13f474e6f512cb31374bfa4658ce7a866d6b832d40742e784ef14f6513ab87 /src/com/thebodgeitstore/search/AdvancedSearch.java",
+      "content": "Unsynchronized Access To Shared Data (AdvancedSearch.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n N/A N/A None None  S3 None None None None None dc13f474e6f512cb31374bfa4658ce7a866d6b832d40742e784ef14f6513ab87 /src/com/thebodgeitstore/search/AdvancedSearch.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -81548,7 +81548,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S3 None None None None None 63f306f6577c64ad2d38ddd3985cc649b11dd360f7a962e98cb63686c89b2b95 /root/search.jsp",
+      "content": "Empty Password In Connection String (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S3 None None None None None 63f306f6577c64ad2d38ddd3985cc649b11dd360f7a962e98cb63686c89b2b95 /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81566,7 +81566,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81584,7 +81584,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 5b24a32f74c75879a1adc65bf89b03bb64f81565dbd6a2240149f2ce1bd27d40 /root/score.jsp",
+      "content": "Improper Resource Access Authorization (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 5b24a32f74c75879a1adc65bf89b03bb64f81565dbd6a2240149f2ce1bd27d40 /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81602,7 +81602,7 @@
   },
   {
     "fields": {
-      "content": "Session Fixation (logout.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n N/A N/A None None  S2 None None None None None 08569015fcc466a18ab405324d0dfe6af4b141110e47b73226ea117ecd44ff10 /root/logout.jsp",
+      "content": "Session Fixation (logout.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n N/A N/A None None  S2 None None None None None 08569015fcc466a18ab405324d0dfe6af4b141110e47b73226ea117ecd44ff10 /root/logout.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81620,7 +81620,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802)\n\n N/A N/A None None  S2 None None None None None fd480c121d5e26af3fb8c7ec89137aab25d86e44ff154f5aae742384cf80a2dd /root/login.jsp",
+      "content": "Hardcoded password in Connection String (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802)\n\n N/A N/A None None  S2 None None None None None fd480c121d5e26af3fb8c7ec89137aab25d86e44ff154f5aae742384cf80a2dd /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81638,7 +81638,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (advanced.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None b755a0cc07b69b72eb284df102459af7c502318c53c769999ec925d0da354d44 /root/advanced.jsp",
+      "content": "Hardcoded password in Connection String (advanced.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None None None None b755a0cc07b69b72eb284df102459af7c502318c53c769999ec925d0da354d44 /root/advanced.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81656,7 +81656,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None None None None 70d68584520c7bc1b47ca45fc75b42460659a52957a10fe2a99858c32b329ae1 /root/login.jsp",
+      "content": "Improper Resource Access Authorization (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None None None None 70d68584520c7bc1b47ca45fc75b42460659a52957a10fe2a99858c32b329ae1 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81674,7 +81674,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 920ba1bf2ab979534eda06dd720ba0baa9cff2b1c14fd1ad56e89a5d656ed2f9 /root/header.jsp",
+      "content": "Improper Resource Access Authorization (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 920ba1bf2ab979534eda06dd720ba0baa9cff2b1c14fd1ad56e89a5d656ed2f9 /root/header.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81692,7 +81692,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109)\n\n N/A N/A None None  S3 None None None None None 6bea74fa6a2e15eb4e272fd8033b63984cb1cfefd52189c7031b58d7bd325f44 /root/score.jsp",
+      "content": "Empty Password In Connection String (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109)\n\n N/A N/A None None  S3 None None None None None 6bea74fa6a2e15eb4e272fd8033b63984cb1cfefd52189c7031b58d7bd325f44 /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81710,7 +81710,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (password.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n N/A N/A None None  S3 None None None None None 97e071423b295531965759c3641effa4a92e8e67f5ae40a3248a0a296aada52d /root/password.jsp",
+      "content": "Improper Resource Shutdown or Release (password.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n N/A N/A None None  S3 None None None None None 97e071423b295531965759c3641effa4a92e8e67f5ae40a3248a0a296aada52d /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81728,7 +81728,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (product.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 810541dc4d59d52088c1c29bfbb5ed70b10bfa657980a3099b26ff8799955f28 /root/product.jsp",
+      "content": "Improper Resource Shutdown or Release (product.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 810541dc4d59d52088c1c29bfbb5ed70b10bfa657980a3099b26ff8799955f28 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81746,7 +81746,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100)\n\n N/A N/A None None  S3 None None None None None eba9a993ff2b55ebdda24cb3c0fbc777bd7bcf038a01463f56b2f472f5a95296 /root/login.jsp",
+      "content": "Empty Password In Connection String (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100)\n\n N/A N/A None None  S3 None None None None None eba9a993ff2b55ebdda24cb3c0fbc777bd7bcf038a01463f56b2f472f5a95296 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81764,7 +81764,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None af0420cc3c001e6a1c65aceb86644080bcdb3f08b6be7cfc96a3bb3e20685afb /root/login.jsp",
+      "content": "Information Exposure Through an Error Message (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None af0420cc3c001e6a1c65aceb86644080bcdb3f08b6be7cfc96a3bb3e20685afb /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81782,7 +81782,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (contact.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None None None None 78ceea05b00023deec3b210877d332bf03d07b237e8339f508a18c62b1146f88 /root/contact.jsp",
+      "content": "Use of Insufficiently Random Values (contact.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None None None None 78ceea05b00023deec3b210877d332bf03d07b237e8339f508a18c62b1146f88 /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81800,7 +81800,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S1 None None None None None 9384efff38eaa33266a2f5888dea18392a0e8b658b770fcfed268f06d3a1052d /root/contact.jsp",
+      "content": "Stored XSS (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S1 None None None None None 9384efff38eaa33266a2f5888dea18392a0e8b658b770fcfed268f06d3a1052d /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81818,7 +81818,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 93595b491f79115f85df3ef403cfc4ecd34e22dedf95aa24fbc18f56039d26f3 /root/login.jsp",
+      "content": "HttpOnlyCookies (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 93595b491f79115f85df3ef403cfc4ecd34e22dedf95aa24fbc18f56039d26f3 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81836,7 +81836,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (register.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None None None None ebfe755d6f8f91724d9d8a0672c12dce0200f818bce80b7fcaab30987b124a99 /root/register.jsp",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (register.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None None None None ebfe755d6f8f91724d9d8a0672c12dce0200f818bce80b7fcaab30987b124a99 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81854,7 +81854,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 584b05859f76b43b2736a28ac1c8ac88497704d0f31868218fcda9077396a215 /root/header.jsp",
+      "content": "Information Exposure Through an Error Message (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 584b05859f76b43b2736a28ac1c8ac88497704d0f31868218fcda9077396a215 /root/header.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81872,7 +81872,7 @@
   },
   {
     "fields": {
-      "content": "Race Condition Format Flaw (product.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\" + nf.format(price) + \"\");\n-----\n N/A N/A None None  S3 None None None None None b1306a4177b37bad4dbe763419df19ec56d7442262be5dfeff6d346b3b900ad1 /root/product.jsp",
+      "content": "Race Condition Format Flaw (product.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\" + nf.format(price) + \"\");\n-----\n N/A N/A None None  S3 None None None None None b1306a4177b37bad4dbe763419df19ec56d7442262be5dfeff6d346b3b900ad1 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81890,7 +81890,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (product.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n N/A N/A None None  S1 None None None None None 59304c367c39a7f0983c4ef2f90a13207866a37422ff5cc03db07d0efe46aed2 /root/product.jsp",
+      "content": "Stored XSS (product.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n N/A N/A None None  S1 None None None None None 59304c367c39a7f0983c4ef2f90a13207866a37422ff5cc03db07d0efe46aed2 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81908,7 +81908,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81926,7 +81926,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (init.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 28820e0352bb80a1d3c1085204cfeb522ddd29ee680ae46350260bf63359646f /root/init.jsp",
+      "content": "Heap Inspection (init.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 28820e0352bb80a1d3c1085204cfeb522ddd29ee680ae46350260bf63359646f /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81944,7 +81944,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (contact.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "CGI Reflected XSS All Clients (contact.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "test_import"
@@ -81962,7 +81962,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (contact.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None ce6c5523b17b77be323a526e757f04235f6d8a3023ac5208b12b7c34de4fcbb6 /root/contact.jsp",
+      "content": "Empty Password In Connection String (contact.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None ce6c5523b17b77be323a526e757f04235f6d8a3023ac5208b12b7c34de4fcbb6 /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81980,7 +81980,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n N/A N/A None None  S3 None None None None None 85b4b54f401f88fb286b6442b56fecb5922a025504207d94f5835e4b9e4c3d49 /root/product.jsp",
+      "content": "Information Exposure Through an Error Message (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n N/A N/A None None  S3 None None None None None 85b4b54f401f88fb286b6442b56fecb5922a025504207d94f5835e4b9e4c3d49 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -81998,7 +81998,7 @@
   },
   {
     "fields": {
-      "content": "XSRF (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S2 None None None None None 371010ba334ccc433d73bf0c9cdaec557d5f7ec338c6f925d8a71763a228d473 /root/password.jsp",
+      "content": "XSRF (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S2 None None None None None 371010ba334ccc433d73bf0c9cdaec557d5f7ec338c6f925d8a71763a228d473 /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82016,7 +82016,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (advanced.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None ea8b569d6c5fe9dba625c6540acd9880534f7a19a5bf4b84fb838ad65d08d26f /root/advanced.jsp",
+      "content": "Download of Code Without Integrity Check (advanced.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None None None None ea8b569d6c5fe9dba625c6540acd9880534f7a19a5bf4b84fb838ad65d08d26f /root/advanced.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82034,7 +82034,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None None None None d0e517ef410747c79f882b9fc73a04a92ef6b4792017378ae5c4a39e21a921c5 /root/register.jsp",
+      "content": "Improper Resource Access Authorization (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None None None None d0e517ef410747c79f882b9fc73a04a92ef6b4792017378ae5c4a39e21a921c5 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82070,7 +82070,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (register.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S1 None None None None None c49c87192b6b4f17151a471fd9d1bf3b302bca08781d67806c6556fe720af1b0 /root/register.jsp",
+      "content": "SQL Injection (register.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S1 None None None None None c49c87192b6b4f17151a471fd9d1bf3b302bca08781d67806c6556fe720af1b0 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82088,7 +82088,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298)\n\n N/A N/A None None  S2 None None None None None a9c3269038ed8a49c4e7576b359f61a65a3bd82c163089bc20743e5a14aa0ab5 /root/login.jsp",
+      "content": "Download of Code Without Integrity Check (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298)\n\n N/A N/A None None  S2 None None None None None a9c3269038ed8a49c4e7576b359f61a65a3bd82c163089bc20743e5a14aa0ab5 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82106,7 +82106,7 @@
   },
   {
     "fields": {
-      "content": "Missing X Frame Options (web.xml) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84)\n\n N/A N/A None None  S3 None None None None None 418f79f7a59a306d5e46aa4af1924b64200aed234ae994dcd66485eb30bbe869 /root/WEB-INF/web.xml",
+      "content": "Missing X Frame Options (web.xml) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84)\n\n N/A N/A None None  S3 None None None None None 418f79f7a59a306d5e46aa4af1924b64200aed234ae994dcd66485eb30bbe869 /root/WEB-INF/web.xml",
       "content_type": [
         "dojo",
         "test_import"
@@ -82124,7 +82124,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (AdvancedSearch.java) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n N/A N/A None None  S3 None None None None None 21c80d580d9f1de55f6179e2a08e5684f46c9734d79cf701b2ff25e6776ccdfc /src/com/thebodgeitstore/search/AdvancedSearch.java",
+      "content": "Information Exposure Through an Error Message (AdvancedSearch.java) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n N/A N/A None None  S3 None None None None None 21c80d580d9f1de55f6179e2a08e5684f46c9734d79cf701b2ff25e6776ccdfc /src/com/thebodgeitstore/search/AdvancedSearch.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -82142,7 +82142,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (home.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None fffd29bd0973269ddbbed2e210926c04d42cb12037117261626b95bd52bcff27 /root/home.jsp",
+      "content": "Improper Resource Shutdown or Release (home.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None fffd29bd0973269ddbbed2e210926c04d42cb12037117261626b95bd52bcff27 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82160,7 +82160,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (basket.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S1 None None None None None 3406086ac5988ee8b55f70c618daf86c21702bb3c4c00e4607e5c21c2e3d3828 /root/basket.jsp",
+      "content": "Reflected XSS All Clients (basket.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S1 None None None None None 3406086ac5988ee8b55f70c618daf86c21702bb3c4c00e4607e5c21c2e3d3828 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82178,7 +82178,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 24e74e8be8b222cf0b17c034d03c5b43a130c2b960095eb44c55f470e50f6924 /root/register.jsp",
+      "content": "HttpOnlyCookies (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 24e74e8be8b222cf0b17c034d03c5b43a130c2b960095eb44c55f470e50f6924 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82196,7 +82196,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None None None None a91b30b026cda759c2608e1c8216cdd13e265c030b8c47f4690cd2182e4ad166 /root/register.jsp",
+      "content": "CGI Reflected XSS All Clients (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None None None None a91b30b026cda759c2608e1c8216cdd13e265c030b8c47f4690cd2182e4ad166 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82214,7 +82214,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None bfd9b74841c8d988d57c99353742f1e3180934ca6be2149a3fb7377329b57b33 /root/product.jsp",
+      "content": "Hardcoded password in Connection String (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None bfd9b74841c8d988d57c99353742f1e3180934ca6be2149a3fb7377329b57b33 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82232,7 +82232,7 @@
   },
   {
     "fields": {
-      "content": "Client Insecure Randomness (encryption.js) N/A Low **Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n N/A N/A None None  S3 None None None None None 9b003338465e31c37f36b2a2d9b01bf9003d1d2631e2c409b3d19d02c93a20b6 /root/js/encryption.js",
+      "content": "Client Insecure Randomness (encryption.js) N/A Low **Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n N/A N/A None None  S3 None None None None None 9b003338465e31c37f36b2a2d9b01bf9003d1d2631e2c409b3d19d02c93a20b6 /root/js/encryption.js",
       "content_type": [
         "dojo",
         "test_import"
@@ -82250,7 +82250,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (password.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S1 None None None None None 684ee38b55ea509e6c2be4a58ec52ba5d7e0c1952e09f8c8ca2bf0675650bd8f /root/password.jsp",
+      "content": "SQL Injection (password.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S1 None None None None None 684ee38b55ea509e6c2be4a58ec52ba5d7e0c1952e09f8c8ca2bf0675650bd8f /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82268,7 +82268,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (basket.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S1 None None None None None 99fb15b31049df2445ac3fd8729cbccbc6a19e4e410c3eb0ef95908c00b78fd7 /root/basket.jsp",
+      "content": "Stored XSS (basket.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S1 None None None None None 99fb15b31049df2445ac3fd8729cbccbc6a19e4e410c3eb0ef95908c00b78fd7 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82286,7 +82286,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None None None None 541eb71776b2d297f9aa790c52297b4f7d26acb0bce7de33bda136fdefe43cb7 /root/home.jsp",
+      "content": "CGI Stored XSS (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None None None None 541eb71776b2d297f9aa790c52297b4f7d26acb0bce7de33bda136fdefe43cb7 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82304,7 +82304,7 @@
   },
   {
     "fields": {
-      "content": "Not Using a Random IV with CBC Mode (AES.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n N/A N/A None None  S3 None None None None None e5ac755dbe3bfd23995c8d5a99779d188440c9e573d79b44130d90468d41439c /src/com/thebodgeitstore/util/AES.java",
+      "content": "Not Using a Random IV with CBC Mode (AES.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n N/A N/A None None  S3 None None None None None e5ac755dbe3bfd23995c8d5a99779d188440c9e573d79b44130d90468d41439c /src/com/thebodgeitstore/util/AES.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -82322,7 +82322,7 @@
   },
   {
     "fields": {
-      "content": "Collapse of Data into Unsafe Value (contact.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "Collapse of Data into Unsafe Value (contact.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "test_import"
@@ -82340,7 +82340,7 @@
   },
   {
     "fields": {
-      "content": "Stored Boundary Violation (login.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S3 None None None None None b0de3516ab323f5577e6ad94803e2ddf541214bbae868bf34e828ba3a4d966ca /root/login.jsp",
+      "content": "Stored Boundary Violation (login.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S3 None None None None None b0de3516ab323f5577e6ad94803e2ddf541214bbae868bf34e828ba3a4d966ca /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82358,7 +82358,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 13ceb3acfb49f194493bfb0af44f5f886a9767aa1c6990c8a397af756d97209c /root/home.jsp",
+      "content": "Hardcoded password in Connection String (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 13ceb3acfb49f194493bfb0af44f5f886a9767aa1c6990c8a397af756d97209c /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82376,7 +82376,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (password.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None None None None 8d7b5f3962f521cd5c2dc40e4ef9a7cc10cfc30efb90f4b5841e8e5463656c61 /root/password.jsp",
+      "content": "Blind SQL Injections (password.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None None None None 8d7b5f3962f521cd5c2dc40e4ef9a7cc10cfc30efb90f4b5841e8e5463656c61 /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82394,7 +82394,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (password.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None None None None 2237f06cb695ec1da91d51cab9fb037d8a9e84f1aa9ddbfeef59eef1a65af47e /root/password.jsp",
+      "content": "Heap Inspection (password.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None None None None 2237f06cb695ec1da91d51cab9fb037d8a9e84f1aa9ddbfeef59eef1a65af47e /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82412,7 +82412,7 @@
   },
   {
     "fields": {
-      "content": "Use of Cryptographically Weak PRNG (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None None None None 05880cd0576bed75819cae74abce873fdcce5f857ec95d937a458b0ca0a49195 /root/home.jsp",
+      "content": "Use of Cryptographically Weak PRNG (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None None None None 05880cd0576bed75819cae74abce873fdcce5f857ec95d937a458b0ca0a49195 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82430,7 +82430,7 @@
   },
   {
     "fields": {
-      "content": "Trust Boundary Violation (login.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S2 None None None None None 9ec4ce27f48767b96297ef3cb8eabba1814ea08a02801692a669540c5a7ce019 /root/login.jsp",
+      "content": "Trust Boundary Violation (login.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S2 None None None None None 9ec4ce27f48767b96297ef3cb8eabba1814ea08a02801692a669540c5a7ce019 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82448,7 +82448,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (admin.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n N/A N/A None None  S3 None None None None None fc95b0887dc03b9f29f45b95aeb41e7f681dc28388279d7e11c233d3b5235c00 /root/admin.jsp",
+      "content": "Information Exposure Through an Error Message (admin.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n N/A N/A None None  S3 None None None None None fc95b0887dc03b9f29f45b95aeb41e7f681dc28388279d7e11c233d3b5235c00 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82466,7 +82466,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n N/A N/A None None  S3 None None None None None bae03653ab0823182626d77d8ba94f2fab26eccdde7bcb11ddd0fb8dee79d717 /root/basket.jsp",
+      "content": "Reliance on Cookies in a Decision (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n N/A N/A None None  S3 None None None None None bae03653ab0823182626d77d8ba94f2fab26eccdde7bcb11ddd0fb8dee79d717 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82484,7 +82484,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None ae4e2ef51220be9b4ca71ee34ae9d174d093e6dd2da41951bc4ad2139a4dad3f /root/product.jsp",
+      "content": "Empty Password In Connection String (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None ae4e2ef51220be9b4ca71ee34ae9d174d093e6dd2da41951bc4ad2139a4dad3f /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82502,7 +82502,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (password.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None None None None c69d0a9ead39b5990a429c6ed185050ffadfda672b020ac6e7322ef02e72563a /root/password.jsp",
+      "content": "Improper Resource Access Authorization (password.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None None None None c69d0a9ead39b5990a429c6ed185050ffadfda672b020ac6e7322ef02e72563a /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82520,7 +82520,7 @@
   },
   {
     "fields": {
-      "content": "Client Cross Frame Scripting Attack (advanced.jsp) N/A Medium **Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None 51b52607f2a5915cd128ba4e24ce8e22ba019757f074a0ebc27c33d91a55378b /root/advanced.jsp",
+      "content": "Client Cross Frame Scripting Attack (advanced.jsp) N/A Medium **Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None None None None 51b52607f2a5915cd128ba4e24ce8e22ba019757f074a0ebc27c33d91a55378b /root/advanced.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82538,7 +82538,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None d947020e418c747ee99a0accd491030f65895189aefea2a96a390b3e843a9905 /root/password.jsp",
+      "content": "Hardcoded password in Connection String (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None d947020e418c747ee99a0accd491030f65895189aefea2a96a390b3e843a9905 /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82556,7 +82556,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies In Config (web.xml) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65)\n\n N/A N/A None None  S2 None None None None None b29d81fdf7a5477a7badd1a47406a27deb12b90d0b3db17f567344d1ec24e65c /root/WEB-INF/web.xml",
+      "content": "HttpOnlyCookies In Config (web.xml) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65)\n\n N/A N/A None None  S2 None None None None None b29d81fdf7a5477a7badd1a47406a27deb12b90d0b3db17f567344d1ec24e65c /root/WEB-INF/web.xml",
       "content_type": [
         "dojo",
         "test_import"
@@ -82574,7 +82574,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (AdvancedSearch.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 514c8fbd9da03f03f770c9e0ca12d8bb20db50f3a836b4d50f16e0d75b0cca08 /src/com/thebodgeitstore/search/AdvancedSearch.java",
+      "content": "Improper Resource Shutdown or Release (AdvancedSearch.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 514c8fbd9da03f03f770c9e0ca12d8bb20db50f3a836b4d50f16e0d75b0cca08 /src/com/thebodgeitstore/search/AdvancedSearch.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -82592,7 +82592,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (login.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None None None None 0441fee04d6e24c168f5b4b567cc31174f464330f27638f83f80ee87d0d3dc03 /root/login.jsp",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (login.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None None None None 0441fee04d6e24c168f5b4b567cc31174f464330f27638f83f80ee87d0d3dc03 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82610,7 +82610,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None None None None 7be257602d73f6146bbd1c6c4ab4970db0867933a1d2e87675770529b841d800 /root/login.jsp",
+      "content": "CGI Reflected XSS All Clients (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None None None None 7be257602d73f6146bbd1c6c4ab4970db0867933a1d2e87675770529b841d800 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82628,7 +82628,7 @@
   },
   {
     "fields": {
-      "content": "Suspected XSS (password.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** \u003ctd\u003e\u003c%=username%\u003e\u003c/td\u003e\n-----\n N/A N/A None None  S3 None None None None None ff922242dd15286d81f09888a33ad571eca598b615bf4d4b9024af17df42bc17 /root/password.jsp",
+      "content": "Suspected XSS (password.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** <td><%=username%></td>\n-----\n N/A N/A None None  S3 None None None None None ff922242dd15286d81f09888a33ad571eca598b615bf4d4b9024af17df42bc17 /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82646,7 +82646,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (contact.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 964aeee36e5998da77d3229f43830d362838d860d9e30c415fb58e9686a49625 /root/contact.jsp",
+      "content": "Hardcoded password in Connection String (contact.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 964aeee36e5998da77d3229f43830d362838d860d9e30c415fb58e9686a49625 /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82664,7 +82664,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (dbconnection.jspf) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None e57ed13a66f4041fa377af4db5110a50a8f4a67e0c7c2b3e955e4118844a2904 /root/dbconnection.jspf",
+      "content": "Hardcoded password in Connection String (dbconnection.jspf) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None e57ed13a66f4041fa377af4db5110a50a8f4a67e0c7c2b3e955e4118844a2904 /root/dbconnection.jspf",
       "content_type": [
         "dojo",
         "test_import"
@@ -82682,7 +82682,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107)\n\n N/A N/A None None  S3 None None None None None 8fc3621137e4dd32d75801ac6948909b20f671d21ed9dfe89d0e2f49a2554653 /root/register.jsp",
+      "content": "Empty Password In Connection String (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107)\n\n N/A N/A None None  S3 None None None None None 8fc3621137e4dd32d75801ac6948909b20f671d21ed9dfe89d0e2f49a2554653 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82700,7 +82700,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 3988a18fe8f515ab1f92c649f43f20d33e8e8692d00a9dc80f2863342b522698 /root/home.jsp",
+      "content": "Download of Code Without Integrity Check (home.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 3988a18fe8f515ab1f92c649f43f20d33e8e8692d00a9dc80f2863342b522698 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82718,7 +82718,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None cfc58944e3181521dc3a9ec917dcb54d7a54ebbf3f0e8aaca7fec60a05485c63 /root/home.jsp",
+      "content": "Information Exposure Through an Error Message (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None cfc58944e3181521dc3a9ec917dcb54d7a54ebbf3f0e8aaca7fec60a05485c63 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82736,7 +82736,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (login.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S1 None None None None None 9878411e3b89bc832e58fa15e46d19e2e607309d3df9f152114d5ff62f95f0ce /root/login.jsp",
+      "content": "SQL Injection (login.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S1 None None None None None 9878411e3b89bc832e58fa15e46d19e2e607309d3df9f152114d5ff62f95f0ce /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82754,7 +82754,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (advanced.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S3 None None None None None 35055620006745673ffba1cb3c1e8c09a9fd59f6438e6d45fbbb222a10968120 /root/advanced.jsp",
+      "content": "Empty Password In Connection String (advanced.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S3 None None None None None 35055620006745673ffba1cb3c1e8c09a9fd59f6438e6d45fbbb222a10968120 /root/advanced.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82772,7 +82772,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (score.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S2 None None None None None 60fff62e2e1d2383da91886a96d64905e184a3044037dc2595c3ccf28faacd6c /root/score.jsp",
+      "content": "CGI Stored XSS (score.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S2 None None None None None 60fff62e2e1d2383da91886a96d64905e184a3044037dc2595c3ccf28faacd6c /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82790,7 +82790,7 @@
   },
   {
     "fields": {
-      "content": "Plaintext Storage in a Cookie (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None None None None c81c73f4bd1bb970a016bd7e5f1979af8d05eac71f387b2da9bd4affcaf13f81 /root/basket.jsp",
+      "content": "Plaintext Storage in a Cookie (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None None None None c81c73f4bd1bb970a016bd7e5f1979af8d05eac71f387b2da9bd4affcaf13f81 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82808,7 +82808,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (contact.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n N/A N/A None None  S3 None None None None None 1e74e0c4e0572c6bb5aaee26176b8a40ce024325bbffea1ddbb120bab9d9542c /root/contact.jsp",
+      "content": "Information Exposure Through an Error Message (contact.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n N/A N/A None None  S3 None None None None None 1e74e0c4e0572c6bb5aaee26176b8a40ce024325bbffea1ddbb120bab9d9542c /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82826,7 +82826,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None 4568d7e34ac50ab291c955c8acb368e5abe73de05bd3080e2efc7b00f329600f /root/basket.jsp",
+      "content": "Hardcoded password in Connection String (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n N/A N/A None None  S2 None None None None None 4568d7e34ac50ab291c955c8acb368e5abe73de05bd3080e2efc7b00f329600f /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82844,7 +82844,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (admin.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S1 None None None None None 1f91fef184e69387463ce9719fe9756145e16e76d39609aa5fa3e0eaa1274d05 /root/admin.jsp",
+      "content": "Stored XSS (admin.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S1 None None None None None 1f91fef184e69387463ce9719fe9756145e16e76d39609aa5fa3e0eaa1274d05 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82862,7 +82862,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (admin.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 75a93a572c186be5fe7f5221a64306b5b35dddf605b5e231ffc74442bd3728a4 /root/admin.jsp",
+      "content": "Download of Code Without Integrity Check (admin.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 75a93a572c186be5fe7f5221a64306b5b35dddf605b5e231ffc74442bd3728a4 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82880,7 +82880,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (init.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None afd07fc450ae8609c93797c8fd893028f7d8a9841999facd0a08236696c05841 /root/init.jsp",
+      "content": "Empty Password In Connection String (init.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None afd07fc450ae8609c93797c8fd893028f7d8a9841999facd0a08236696c05841 /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82898,7 +82898,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (login.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n N/A N/A None None  S2 None None None None None 78439e5edd436844bb6dc527f6effe0836b88b0fb946747b7f957da95b479fc2 /root/login.jsp",
+      "content": "Heap Inspection (login.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n N/A N/A None None  S2 None None None None None 78439e5edd436844bb6dc527f6effe0836b88b0fb946747b7f957da95b479fc2 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82916,7 +82916,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 92b54561d5d262a88920162ba7bf19fc0444975582be837047cab5d79c992447 /root/product.jsp",
+      "content": "Download of Code Without Integrity Check (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 92b54561d5d262a88920162ba7bf19fc0444975582be837047cab5d79c992447 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82934,7 +82934,7 @@
   },
   {
     "fields": {
-      "content": "Session Fixation (AdvancedSearch.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n N/A N/A None None  S2 None None None None None f24533b1fc628061c2037eb55ffe66aed6bfa2436fadaf6e424e4905ed238e21 /src/com/thebodgeitstore/search/AdvancedSearch.java",
+      "content": "Session Fixation (AdvancedSearch.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n N/A N/A None None  S2 None None None None None f24533b1fc628061c2037eb55ffe66aed6bfa2436fadaf6e424e4905ed238e21 /src/com/thebodgeitstore/search/AdvancedSearch.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -82952,7 +82952,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (search.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** \u003c%= output %\u003e\n-----\n N/A N/A None None  S1 None None None None None 38321299050d31a3b8168316e30316d786236785a9c31427fb6f2631d3065a7c /root/search.jsp",
+      "content": "Stored XSS (search.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** <%= output %>\n-----\n N/A N/A None None  S1 None None None None None 38321299050d31a3b8168316e30316d786236785a9c31427fb6f2631d3065a7c /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -82970,7 +82970,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (dbconnection.jspf) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None 24cd9b35200f9ca729fcccb8348baccd2ddfeee2f22177fd40e46931f8547659 /root/dbconnection.jspf",
+      "content": "Empty Password In Connection String (dbconnection.jspf) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None 24cd9b35200f9ca729fcccb8348baccd2ddfeee2f22177fd40e46931f8547659 /root/dbconnection.jspf",
       "content_type": [
         "dojo",
         "test_import"
@@ -82988,7 +82988,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (init.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 148a501a59e0d04eb52b5cd58b4d654b4a7883e8ad09dcd5801e775113a1000d /root/init.jsp",
+      "content": "Hardcoded password in Connection String (init.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 148a501a59e0d04eb52b5cd58b4d654b4a7883e8ad09dcd5801e775113a1000d /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83006,7 +83006,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "Reflected XSS All Clients (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "test_import"
@@ -83024,7 +83024,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 06cd6507296edca41e97d652a873c31230bf98fa8bdeab477fedb680ff606932 /root/basket.jsp",
+      "content": "HttpOnlyCookies (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 06cd6507296edca41e97d652a873c31230bf98fa8bdeab477fedb680ff606932 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83042,7 +83042,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305)\n\n N/A N/A None None  S2 None None None None None 62f3875efdcf326015adee1ecd85c4ecdca5bc9c4719e5c9177dff8b0afffa1f /root/register.jsp",
+      "content": "Download of Code Without Integrity Check (register.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305)\n\n N/A N/A None None  S2 None None None None None 62f3875efdcf326015adee1ecd85c4ecdca5bc9c4719e5c9177dff8b0afffa1f /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83060,7 +83060,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (home.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None None None None 0007a2df1ab7dc00f2144451d894f513c7d872e1153a0759982a8c866001cc02 /root/home.jsp",
+      "content": "Stored XSS (home.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None None None None 0007a2df1ab7dc00f2144451d894f513c7d872e1153a0759982a8c866001cc02 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83078,7 +83078,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None 7dba1c0820d0f6017ca3333f7f9a8865a862604c4b13a1eed04666c6e364fa36 /root/home.jsp",
+      "content": "Empty Password In Connection String (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None 7dba1c0820d0f6017ca3333f7f9a8865a862604c4b13a1eed04666c6e364fa36 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83096,7 +83096,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (register.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None None None None 95568708fa568cc74c7ef8279b87869ebc932305da1878dbb1b7597c75a57bc1 /root/register.jsp",
+      "content": "Reflected XSS All Clients (register.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None None None None 95568708fa568cc74c7ef8279b87869ebc932305da1878dbb1b7597c75a57bc1 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83114,7 +83114,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None b037e71624f50f74cfbd0f0cd561daa1e87b1ac3690b19b1d3fe3c36ef452628 /root/product.jsp",
+      "content": "Improper Resource Access Authorization (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None b037e71624f50f74cfbd0f0cd561daa1e87b1ac3690b19b1d3fe3c36ef452628 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83132,7 +83132,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 945eb840563ed9b29b08ff0838d391e775d2e45f26817ad0b321b41e608564cf /root/password.jsp",
+      "content": "Download of Code Without Integrity Check (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 945eb840563ed9b29b08ff0838d391e775d2e45f26817ad0b321b41e608564cf /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83150,7 +83150,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (score.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307)\n\n N/A N/A None None  S2 None None None None None 6e270eb7494286a67571f0d33112e997365a0de45a119ef8199d270c32d806ab /root/score.jsp",
+      "content": "Download of Code Without Integrity Check (score.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307)\n\n N/A N/A None None  S2 None None None None None 6e270eb7494286a67571f0d33112e997365a0de45a119ef8199d270c32d806ab /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83168,7 +83168,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n N/A N/A None None  S3 None None None None None 76a4b74903cac92c02f0d0c7eca32f417f6ce4a3fb04f16eff17cfc0e8f8df7f /root/basket.jsp",
+      "content": "Improper Resource Access Authorization (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n N/A N/A None None  S3 None None None None None 76a4b74903cac92c02f0d0c7eca32f417f6ce4a3fb04f16eff17cfc0e8f8df7f /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83186,7 +83186,7 @@
   },
   {
     "fields": {
-      "content": "Race Condition Format Flaw (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\" + nf.format(pricetopay) + \"\");\n-----\n N/A N/A None None  S3 None None None None None 3db6ca06969817d45acccd02c0ba65067c1e11e9d4d7c34c7301612e63b2f75a /root/basket.jsp",
+      "content": "Race Condition Format Flaw (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\" + nf.format(pricetopay) + \"\");\n-----\n N/A N/A None None  S3 None None None None None 3db6ca06969817d45acccd02c0ba65067c1e11e9d4d7c34c7301612e63b2f75a /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83204,7 +83204,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n N/A N/A None None  S3 None None None None None 66ad49b768c1dcb417d1047d6a3e134473f45969fdc41c529a37088dec29804e /root/header.jsp",
+      "content": "Empty Password In Connection String (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n N/A N/A None None  S3 None None None None None 66ad49b768c1dcb417d1047d6a3e134473f45969fdc41c529a37088dec29804e /root/header.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83222,7 +83222,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (FunctionalZAP.java) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n N/A N/A None None  S3 None None None None None 174ea52e3d43e0e3089705762ecd259a74bdb4c592473a8c4615c8d37e840725 /src/com/thebodgeitstore/selenium/tests/FunctionalZAP.java",
+      "content": "Improper Resource Access Authorization (FunctionalZAP.java) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n N/A N/A None None  S3 None None None None None 174ea52e3d43e0e3089705762ecd259a74bdb4c592473a8c4615c8d37e840725 /src/com/thebodgeitstore/selenium/tests/FunctionalZAP.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -83240,7 +83240,7 @@
   },
   {
     "fields": {
-      "content": "Suspected XSS (contact.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S3 None None None None None cecce89612fa88ff6270b822a8840911536f983c5ab580f5e7df0ec93a95884a /root/contact.jsp",
+      "content": "Suspected XSS (contact.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S3 None None None None None cecce89612fa88ff6270b822a8840911536f983c5ab580f5e7df0ec93a95884a /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83258,7 +83258,7 @@
   },
   {
     "fields": {
-      "content": "Use of Cryptographically Weak PRNG (init.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None afa0b4d8453f20629d5863f0cb1b8d4e31bf2e8c4476db973a78731ffcf08bd2 /root/init.jsp",
+      "content": "Use of Cryptographically Weak PRNG (init.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None afa0b4d8453f20629d5863f0cb1b8d4e31bf2e8c4476db973a78731ffcf08bd2 /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83276,7 +83276,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None None None None 1aec22aeffa8b6201ad60b0a0d2b166ddbaefca6ab534bbc4d2a827bc02f5c20 /root/product.jsp",
+      "content": "CGI Stored XSS (product.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None None None None 1aec22aeffa8b6201ad60b0a0d2b166ddbaefca6ab534bbc4d2a827bc02f5c20 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83294,7 +83294,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (init.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None 2a7f9ff0b80ef53370128384650fe897d773383109c7d171159cbfbc232476e2 /root/init.jsp",
+      "content": "Improper Resource Shutdown or Release (init.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None 2a7f9ff0b80ef53370128384650fe897d773383109c7d171159cbfbc232476e2 /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83312,7 +83312,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (header.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n N/A N/A None None  S2 None None None None None bef5f29fc5d5f44cef3dd5db1aaeeb5f2e5d7480a197045e6d176f0ab26b5fa2 /root/header.jsp",
+      "content": "Download of Code Without Integrity Check (header.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n N/A N/A None None  S2 None None None None None bef5f29fc5d5f44cef3dd5db1aaeeb5f2e5d7480a197045e6d176f0ab26b5fa2 /root/header.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83330,7 +83330,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83348,7 +83348,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None None None None 2de5b8ed091eaaf750260b056239152b81363c790977699374b03d93e1d28551 /root/login.jsp",
+      "content": "Blind SQL Injections (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None None None None 2de5b8ed091eaaf750260b056239152b81363c790977699374b03d93e1d28551 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83366,7 +83366,7 @@
   },
   {
     "fields": {
-      "content": "Client DOM Open Redirect (advanced.jsp) N/A Low **Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** New Search\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** New Search\n-----\n N/A N/A None None  S3 None None None None None 3173d904f9ac1a4779a3b5fd52f271e6a7871d6cb5387d2ced15025a4a15db93 /root/advanced.jsp",
+      "content": "Client DOM Open Redirect (advanced.jsp) N/A Low **Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** New Search\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** New Search\n-----\n N/A N/A None None  S3 None None None None None 3173d904f9ac1a4779a3b5fd52f271e6a7871d6cb5387d2ced15025a4a15db93 /root/advanced.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83384,7 +83384,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (search.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None 775723c89fdaed1cc6b85ecc489c028159d261e95e7ad4ad80d03ddd63bc99ea /root/search.jsp",
+      "content": "Hardcoded password in Connection String (search.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S2 None None None None None 775723c89fdaed1cc6b85ecc489c028159d261e95e7ad4ad80d03ddd63bc99ea /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83402,7 +83402,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S2 None None None None None 9e3aa3082f7d93e52f9bfe97630e9fd6f6c04c5791dd22505ab238d1a6bf9242 /root/basket.jsp",
+      "content": "CGI Stored XSS (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S2 None None None None None 9e3aa3082f7d93e52f9bfe97630e9fd6f6c04c5791dd22505ab238d1a6bf9242 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83420,7 +83420,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (init.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 2fe1558daec12a621f0504714bee44be8d382a57c7cdda160ddad8a2e8b8ca48 /root/init.jsp",
+      "content": "Use of Insufficiently Random Values (init.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 2fe1558daec12a621f0504714bee44be8d382a57c7cdda160ddad8a2e8b8ca48 /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83438,7 +83438,7 @@
   },
   {
     "fields": {
-      "content": "Missing X Frame Options (web.xml) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S3 None None None None None 5fb0f064b2f7098c57e1115b391bf7a6eb57feae63c2848b916a5b79dccf66f3 /build/WEB-INF/web.xml",
+      "content": "Missing X Frame Options (web.xml) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S3 None None None None None 5fb0f064b2f7098c57e1115b391bf7a6eb57feae63c2848b916a5b79dccf66f3 /build/WEB-INF/web.xml",
       "content_type": [
         "dojo",
         "test_import"
@@ -83456,7 +83456,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (search.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"alert(\\\"xss\\\")\") \u003e= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** You searched for: \u003c%= query %\u003e\n-----\n N/A N/A None None  S1 None None None None None 86efaa45244686266a1c4f1aef52d60ce791dd4cb64feebe5b214db5838b8e06 /root/search.jsp",
+      "content": "Reflected XSS All Clients (search.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"alert(\\\"xss\\\")\") >= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** You searched for: <%= query %>\n-----\n N/A N/A None None  S1 None None None None None 86efaa45244686266a1c4f1aef52d60ce791dd4cb64feebe5b214db5838b8e06 /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83474,7 +83474,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (basket.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None None None None 7d988ddc1b32f65ada9bd17516943b28e33458ea570ce92843bdb49e7a7e22fb /root/basket.jsp",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (basket.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None None None None 7d988ddc1b32f65ada9bd17516943b28e33458ea570ce92843bdb49e7a7e22fb /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83492,7 +83492,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 1c24c0fc04774515bc6dc38386250282055e0585ae71b405586b552ca04b31c9 /root/score.jsp",
+      "content": "Information Exposure Through an Error Message (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 1c24c0fc04774515bc6dc38386250282055e0585ae71b405586b552ca04b31c9 /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83510,7 +83510,7 @@
   },
   {
     "fields": {
-      "content": "Use of Hard coded Cryptographic Key (AdvancedSearch.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n N/A N/A None None  S2 None None None None None d68d7152bc4b3f069aa236ff41cab28da77d7e668b77cb4de10ae8bf7a2e85be /src/com/thebodgeitstore/search/AdvancedSearch.java",
+      "content": "Use of Hard coded Cryptographic Key (AdvancedSearch.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n N/A N/A None None  S2 None None None None None d68d7152bc4b3f069aa236ff41cab28da77d7e668b77cb4de10ae8bf7a2e85be /src/com/thebodgeitstore/search/AdvancedSearch.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -83528,7 +83528,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (register.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None None None None 84c57ed3e3723016b9425c8549bd0faab967538a59e072c2dc5c85974a72bf41 /root/register.jsp",
+      "content": "Reliance on Cookies in a Decision (register.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None None None None 84c57ed3e3723016b9425c8549bd0faab967538a59e072c2dc5c85974a72bf41 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83546,7 +83546,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n N/A N/A None None  S1 None None None None None 2dc7787335253be93ebb64d3ad632116363f3a5821c070db4cc28c18a0eee09e /root/contact.jsp",
+      "content": "Stored XSS (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n N/A N/A None None  S1 None None None None None 2dc7787335253be93ebb64d3ad632116363f3a5821c070db4cc28c18a0eee09e /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83564,7 +83564,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (admin.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S2 None None None None None 45fe7a9d8b946b2cbc6aaf8b5e36608cc629e5f388f91433664d3c2f19a29991 /root/admin.jsp",
+      "content": "CGI Stored XSS (admin.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S2 None None None None None 45fe7a9d8b946b2cbc6aaf8b5e36608cc629e5f388f91433664d3c2f19a29991 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83582,7 +83582,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (register.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None None None None 6e5f6914b0e963152cff1f6b9fe1c39a2f177979e6885bdbac5bd88f1d40d8cd /root/register.jsp",
+      "content": "Heap Inspection (register.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None None None None 6e5f6914b0e963152cff1f6b9fe1c39a2f177979e6885bdbac5bd88f1d40d8cd /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83600,7 +83600,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (search.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 763571cd8b09d88baae5cc8bc9d755e2401e204c335894933401186d14be3992 /root/search.jsp",
+      "content": "Improper Resource Shutdown or Release (search.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 763571cd8b09d88baae5cc8bc9d755e2401e204c335894933401186d14be3992 /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83618,7 +83618,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") \u003e= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 508298807b8bd2787b58a49d31bd3f056293c7656e8936eb2e478b3636fa5e19 /root/register.jsp",
+      "content": "Information Exposure Through an Error Message (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") >= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 508298807b8bd2787b58a49d31bd3f056293c7656e8936eb2e478b3636fa5e19 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83636,7 +83636,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (init.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None 1544a01109756bdb265135b3dbc4efca3a22c8d19fa9b50407c94760f04d5610 /root/init.jsp",
+      "content": "Improper Resource Access Authorization (init.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None 1544a01109756bdb265135b3dbc4efca3a22c8d19fa9b50407c94760f04d5610 /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83654,7 +83654,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (header.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n N/A N/A None None  S2 None None None None None d6251c8822044d55511b364098e264ca2113391d999c6aefe5c1cca3743e2f2d /root/header.jsp",
+      "content": "CGI Stored XSS (header.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n N/A N/A None None  S2 None None None None None d6251c8822044d55511b364098e264ca2113391d999c6aefe5c1cca3743e2f2d /root/header.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83672,7 +83672,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None None None None f8234be5bed59174a5f1f4efef0acb152b788f55c1804e2abbc185fe69ceea31 /root/basket.jsp",
+      "content": "Blind SQL Injections (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None None None None f8234be5bed59174a5f1f4efef0acb152b788f55c1804e2abbc185fe69ceea31 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83690,7 +83690,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies In Config (web.xml) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S2 None None None None None 7d3502f71ea947677c3ae5e39ae8da99c7024c3820a1c546bbdfe3ea4a0fdfc0 /build/WEB-INF/web.xml",
+      "content": "HttpOnlyCookies In Config (web.xml) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S2 None None None None None 7d3502f71ea947677c3ae5e39ae8da99c7024c3820a1c546bbdfe3ea4a0fdfc0 /build/WEB-INF/web.xml",
       "content_type": [
         "dojo",
         "test_import"
@@ -83708,7 +83708,7 @@
   },
   {
     "fields": {
-      "content": "Use of Hard coded Cryptographic Key (AES.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n N/A N/A None None  S2 None None None None None 779b4fe3dd494b8c323ddb7cb879f60051ac263904a16ac65af5a210cf797c0b /src/com/thebodgeitstore/util/AES.java",
+      "content": "Use of Hard coded Cryptographic Key (AES.java) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n N/A N/A None None  S2 None None None None None 779b4fe3dd494b8c323ddb7cb879f60051ac263904a16ac65af5a210cf797c0b /src/com/thebodgeitstore/util/AES.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -83726,7 +83726,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (score.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 326fbad527801598a49946804f53bff975023eeb4c7c992932611d45d0b46201 /root/score.jsp",
+      "content": "Improper Resource Shutdown or Release (score.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 326fbad527801598a49946804f53bff975023eeb4c7c992932611d45d0b46201 /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83744,7 +83744,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S2 None None None None None d818b17afca02a70991162f0cf5fbb16d2fef322b72c5c77b4c32bd209b3dc02 /root/basket.jsp",
+      "content": "CGI Reflected XSS All Clients (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S2 None None None None None d818b17afca02a70991162f0cf5fbb16d2fef322b72c5c77b4c32bd209b3dc02 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83762,7 +83762,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (score.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S1 None None None None None 926d5bb4d3abbed178afd6c5ffb752e6774908ad90893262c187e71e3197f31d /root/score.jsp",
+      "content": "Stored XSS (score.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S1 None None None None None 926d5bb4d3abbed178afd6c5ffb752e6774908ad90893262c187e71e3197f31d /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83780,7 +83780,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None cfa4c706348e59de8b65228daccc21474abf67877a50dec0efa031e947d2e3bd /root/basket.jsp",
+      "content": "Information Exposure Through an Error Message (basket.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None cfa4c706348e59de8b65228daccc21474abf67877a50dec0efa031e947d2e3bd /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83798,7 +83798,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n N/A N/A None None  S3 None None None None None b493926fdab24fe92c9c28363e72429e66631bd5056f574ddefb983212933d10 /root/search.jsp",
+      "content": "Improper Resource Access Authorization (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n N/A N/A None None  S3 None None None None None b493926fdab24fe92c9c28363e72429e66631bd5056f574ddefb983212933d10 /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83816,7 +83816,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 40f3e776293c5c19ac7b521181adfef56ed09288fa417f519d1cc6071cba8a17 /root/home.jsp",
+      "content": "Improper Resource Access Authorization (home.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 40f3e776293c5c19ac7b521181adfef56ed09288fa417f519d1cc6071cba8a17 /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83834,7 +83834,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (admin.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 8332e5bd42770868b5db865ca9017c31fcea5a91cff250c4341dc73ed5fdb6e6 /root/admin.jsp",
+      "content": "Improper Resource Shutdown or Release (admin.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 8332e5bd42770868b5db865ca9017c31fcea5a91cff250c4341dc73ed5fdb6e6 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83852,7 +83852,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 641ba17f6201ed5f40524a90c0e0fc03d8a4731528be567b639362cef3f20ef2 /root/search.jsp",
+      "content": "Information Exposure Through an Error Message (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 641ba17f6201ed5f40524a90c0e0fc03d8a4731528be567b639362cef3f20ef2 /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83870,7 +83870,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None None None None c3fb1583f06a0ce7bee2084607680b357d63dd8f9cc56d5d09f0601a3c62a336 /root/register.jsp",
+      "content": "Blind SQL Injections (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None None None None c3fb1583f06a0ce7bee2084607680b357d63dd8f9cc56d5d09f0601a3c62a336 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83888,7 +83888,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (login.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None None None None 11b43c1ce56100d6a92b74b27d6e6901f3822b44c4b6e8437a7622f71c3a58a9 /root/login.jsp",
+      "content": "Reliance on Cookies in a Decision (login.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None None None None 11b43c1ce56100d6a92b74b27d6e6901f3822b44c4b6e8437a7622f71c3a58a9 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83906,7 +83906,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (search.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None 7a001d11b5d7d20f5215658fc735a31e530696faddeae3eacf81662d4870e89a /root/search.jsp",
+      "content": "Download of Code Without Integrity Check (search.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S2 None None None None None 7a001d11b5d7d20f5215658fc735a31e530696faddeae3eacf81662d4870e89a /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83924,7 +83924,7 @@
   },
   {
     "fields": {
-      "content": "Unsynchronized Access To Shared Data (AdvancedSearch.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n N/A N/A None None  S3 None None None None None dc13f474e6f512cb31374bfa4658ce7a866d6b832d40742e784ef14f6513ab87 /src/com/thebodgeitstore/search/AdvancedSearch.java",
+      "content": "Unsynchronized Access To Shared Data (AdvancedSearch.java) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n N/A N/A None None  S3 None None None None None dc13f474e6f512cb31374bfa4658ce7a866d6b832d40742e784ef14f6513ab87 /src/com/thebodgeitstore/search/AdvancedSearch.java",
       "content_type": [
         "dojo",
         "test_import"
@@ -83942,7 +83942,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S3 None None None None None 63f306f6577c64ad2d38ddd3985cc649b11dd360f7a962e98cb63686c89b2b95 /root/search.jsp",
+      "content": "Empty Password In Connection String (search.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S3 None None None None None 63f306f6577c64ad2d38ddd3985cc649b11dd360f7a962e98cb63686c89b2b95 /root/search.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83960,7 +83960,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83978,7 +83978,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 5b24a32f74c75879a1adc65bf89b03bb64f81565dbd6a2240149f2ce1bd27d40 /root/score.jsp",
+      "content": "Improper Resource Access Authorization (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 5b24a32f74c75879a1adc65bf89b03bb64f81565dbd6a2240149f2ce1bd27d40 /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -83996,7 +83996,7 @@
   },
   {
     "fields": {
-      "content": "Session Fixation (logout.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n N/A N/A None None  S2 None None None None None 08569015fcc466a18ab405324d0dfe6af4b141110e47b73226ea117ecd44ff10 /root/logout.jsp",
+      "content": "Session Fixation (logout.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n N/A N/A None None  S2 None None None None None 08569015fcc466a18ab405324d0dfe6af4b141110e47b73226ea117ecd44ff10 /root/logout.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84014,7 +84014,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802)\n\n N/A N/A None None  S2 None None None None None fd480c121d5e26af3fb8c7ec89137aab25d86e44ff154f5aae742384cf80a2dd /root/login.jsp",
+      "content": "Hardcoded password in Connection String (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802)\n\n N/A N/A None None  S2 None None None None None fd480c121d5e26af3fb8c7ec89137aab25d86e44ff154f5aae742384cf80a2dd /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84032,7 +84032,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded password in Connection String (advanced.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None b755a0cc07b69b72eb284df102459af7c502318c53c769999ec925d0da354d44 /root/advanced.jsp",
+      "content": "Hardcoded password in Connection String (advanced.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None None None None b755a0cc07b69b72eb284df102459af7c502318c53c769999ec925d0da354d44 /root/advanced.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84050,7 +84050,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None None None None 70d68584520c7bc1b47ca45fc75b42460659a52957a10fe2a99858c32b329ae1 /root/login.jsp",
+      "content": "Improper Resource Access Authorization (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None None None None 70d68584520c7bc1b47ca45fc75b42460659a52957a10fe2a99858c32b329ae1 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84068,7 +84068,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 920ba1bf2ab979534eda06dd720ba0baa9cff2b1c14fd1ad56e89a5d656ed2f9 /root/header.jsp",
+      "content": "Improper Resource Access Authorization (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None None None None 920ba1bf2ab979534eda06dd720ba0baa9cff2b1c14fd1ad56e89a5d656ed2f9 /root/header.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84086,7 +84086,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109)\n\n N/A N/A None None  S3 None None None None None 6bea74fa6a2e15eb4e272fd8033b63984cb1cfefd52189c7031b58d7bd325f44 /root/score.jsp",
+      "content": "Empty Password In Connection String (score.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109)\n\n N/A N/A None None  S3 None None None None None 6bea74fa6a2e15eb4e272fd8033b63984cb1cfefd52189c7031b58d7bd325f44 /root/score.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84104,7 +84104,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (password.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n N/A N/A None None  S3 None None None None None 97e071423b295531965759c3641effa4a92e8e67f5ae40a3248a0a296aada52d /root/password.jsp",
+      "content": "Improper Resource Shutdown or Release (password.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n N/A N/A None None  S3 None None None None None 97e071423b295531965759c3641effa4a92e8e67f5ae40a3248a0a296aada52d /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84122,7 +84122,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (product.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 810541dc4d59d52088c1c29bfbb5ed70b10bfa657980a3099b26ff8799955f28 /root/product.jsp",
+      "content": "Improper Resource Shutdown or Release (product.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None None None None 810541dc4d59d52088c1c29bfbb5ed70b10bfa657980a3099b26ff8799955f28 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84140,7 +84140,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100)\n\n N/A N/A None None  S3 None None None None None eba9a993ff2b55ebdda24cb3c0fbc777bd7bcf038a01463f56b2f472f5a95296 /root/login.jsp",
+      "content": "Empty Password In Connection String (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100)\n\n N/A N/A None None  S3 None None None None None eba9a993ff2b55ebdda24cb3c0fbc777bd7bcf038a01463f56b2f472f5a95296 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84158,7 +84158,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None af0420cc3c001e6a1c65aceb86644080bcdb3f08b6be7cfc96a3bb3e20685afb /root/login.jsp",
+      "content": "Information Exposure Through an Error Message (login.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None af0420cc3c001e6a1c65aceb86644080bcdb3f08b6be7cfc96a3bb3e20685afb /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84176,7 +84176,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (contact.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None None None None 78ceea05b00023deec3b210877d332bf03d07b237e8339f508a18c62b1146f88 /root/contact.jsp",
+      "content": "Use of Insufficiently Random Values (contact.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None None None None 78ceea05b00023deec3b210877d332bf03d07b237e8339f508a18c62b1146f88 /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84194,7 +84194,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S1 None None None None None 9384efff38eaa33266a2f5888dea18392a0e8b658b770fcfed268f06d3a1052d /root/contact.jsp",
+      "content": "Stored XSS (contact.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S1 None None None None None 9384efff38eaa33266a2f5888dea18392a0e8b658b770fcfed268f06d3a1052d /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84212,7 +84212,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 93595b491f79115f85df3ef403cfc4ecd34e22dedf95aa24fbc18f56039d26f3 /root/login.jsp",
+      "content": "HttpOnlyCookies (login.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None None None None 93595b491f79115f85df3ef403cfc4ecd34e22dedf95aa24fbc18f56039d26f3 /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84230,7 +84230,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (register.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None None None None ebfe755d6f8f91724d9d8a0672c12dce0200f818bce80b7fcaab30987b124a99 /root/register.jsp",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (register.jsp) N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None None None None ebfe755d6f8f91724d9d8a0672c12dce0200f818bce80b7fcaab30987b124a99 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84248,7 +84248,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 584b05859f76b43b2736a28ac1c8ac88497704d0f31868218fcda9077396a215 /root/header.jsp",
+      "content": "Information Exposure Through an Error Message (header.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None None None None 584b05859f76b43b2736a28ac1c8ac88497704d0f31868218fcda9077396a215 /root/header.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84266,7 +84266,7 @@
   },
   {
     "fields": {
-      "content": "Race Condition Format Flaw (product.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\" + nf.format(price) + \"\");\n-----\n N/A N/A None None  S3 None None None None None b1306a4177b37bad4dbe763419df19ec56d7442262be5dfeff6d346b3b900ad1 /root/product.jsp",
+      "content": "Race Condition Format Flaw (product.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\" + nf.format(price) + \"\");\n-----\n N/A N/A None None  S3 None None None None None b1306a4177b37bad4dbe763419df19ec56d7442262be5dfeff6d346b3b900ad1 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84284,7 +84284,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (product.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\u003c/a\u003e\u003ctd\u003e\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\u003ctd\u003e\u003ca href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\"\u003e\" +\n-----\n N/A N/A None None  S1 None None None None None 59304c367c39a7f0983c4ef2f90a13207866a37422ff5cc03db07d0efe46aed2 /root/product.jsp",
+      "content": "Stored XSS (product.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"</a><td>\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"<td><a href=\\\"product.jsp?prodid=\" + rs.getInt(\"productid\") + \"\\\">\" +\n-----\n N/A N/A None None  S1 None None None None None 59304c367c39a7f0983c4ef2f90a13207866a37422ff5cc03db07d0efe46aed2 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84302,7 +84302,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n N/A N/A None None  S3 None None None None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84320,7 +84320,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (init.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None None None None 28820e0352bb80a1d3c1085204cfeb522ddd29ee680ae46350260bf63359646f /root/init.jsp",
+      "content": "Heap Inspection (init.jsp) N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None None None None 28820e0352bb80a1d3c1085204cfeb522ddd29ee680ae46350260bf63359646f /root/init.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84338,7 +84338,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (contact.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "CGI Reflected XSS All Clients (contact.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "test_import"
@@ -84356,7 +84356,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password In Connection String (contact.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None None None None ce6c5523b17b77be323a526e757f04235f6d8a3023ac5208b12b7c34de4fcbb6 /root/contact.jsp",
+      "content": "Empty Password In Connection String (contact.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None None None None ce6c5523b17b77be323a526e757f04235f6d8a3023ac5208b12b7c34de4fcbb6 /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84374,7 +84374,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\u003cbr/\u003e\u003cbr/\u003e\");\n-----\n N/A N/A None None  S3 None None None None None 85b4b54f401f88fb286b6442b56fecb5922a025504207d94f5835e4b9e4c3d49 /root/product.jsp",
+      "content": "Information Exposure Through an Error Message (product.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"<br/><br/>\");\n-----\n N/A N/A None None  S3 None None None None None 85b4b54f401f88fb286b6442b56fecb5922a025504207d94f5835e4b9e4c3d49 /root/product.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84392,7 +84392,7 @@
   },
   {
     "fields": {
-      "content": "XSRF (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S2 None None None None None 371010ba334ccc433d73bf0c9cdaec557d5f7ec338c6f925d8a71763a228d473 /root/password.jsp",
+      "content": "XSRF (password.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S2 None None None None None 371010ba334ccc433d73bf0c9cdaec557d5f7ec338c6f925d8a71763a228d473 /root/password.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84410,7 +84410,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (advanced.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None ea8b569d6c5fe9dba625c6540acd9880534f7a19a5bf4b84fb838ad65d08d26f /root/advanced.jsp",
+      "content": "Download of Code Without Integrity Check (advanced.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None None None None ea8b569d6c5fe9dba625c6540acd9880534f7a19a5bf4b84fb838ad65d08d26f /root/advanced.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84428,7 +84428,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None None None None d0e517ef410747c79f882b9fc73a04a92ef6b4792017378ae5c4a39e21a921c5 /root/register.jsp",
+      "content": "Improper Resource Access Authorization (register.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None None None None d0e517ef410747c79f882b9fc73a04a92ef6b4792017378ae5c4a39e21a921c5 /root/register.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84446,7 +84446,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=288](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=288)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=289](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=289)\n\n**Line Number:** 1\n**Column:** 680\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n N/A N/A None None  S2 None None None None None f6025b614c1d26ee95556ebcb50473f42a57f04d7653abfd132e98baff1b433e /root/basket.jsp",
+      "content": "Download of Code Without Integrity Check (basket.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=288](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=288)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=289](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=289)\n\n**Line Number:** 1\n**Column:** 680\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n N/A N/A None None  S2 None None None None None f6025b614c1d26ee95556ebcb50473f42a57f04d7653abfd132e98baff1b433e /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84464,7 +84464,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (admin.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=121](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=121)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=122](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=122)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=123](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=123)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=124](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=124)\n\n**Line Number:** 12\n**Column:** 383\n**Source Object:** execute\n**Number:** 12\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_ADMIN'\");\n-----\n N/A N/A None None  S3 None None None None None 5852c73c2309bcf533c51c4b6c8221b0519229d4010090067bd6ea629971c099 /root/admin.jsp",
+      "content": "Improper Resource Access Authorization (admin.jsp) N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=121](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=121)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=122](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=122)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=123](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=123)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=124](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=124)\n\n**Line Number:** 12\n**Column:** 383\n**Source Object:** execute\n**Number:** 12\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_ADMIN'\");\n-----\n N/A N/A None None  S3 None None None None None 5852c73c2309bcf533c51c4b6c8221b0519229d4010090067bd6ea629971c099 /root/admin.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84482,7 +84482,7 @@
   },
   {
     "fields": {
-      "content": "Use of Cryptographically Weak PRNG (contact.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=14](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=14)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None None None None 39052e0796f538556f2cc6c00b63fbed65ab036a874c9ed0672e6825d68602a2 /root/contact.jsp",
+      "content": "Use of Cryptographically Weak PRNG (contact.jsp) N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=14](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=14)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None None None None 39052e0796f538556f2cc6c00b63fbed65ab036a874c9ed0672e6825d68602a2 /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84500,7 +84500,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (contact.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=463](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=463)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=464](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=464)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=465](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=465)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=466](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=466)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=467](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=467)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=468](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=468)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=469](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=469)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=470](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=470)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=471](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=471)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=472](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=472)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=473](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=473)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=474](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=474)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=475](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=475)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=476](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=476)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=477](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=477)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=478](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=478)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=479](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=479)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=480](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=480)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=481](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=481)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=482](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=482)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=483](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=483)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=484](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=484)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=485](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=485)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=486](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=486)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=487](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=487)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=488](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=488)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=489](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=489)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=490](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=490)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=491](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=491)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=492](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=492)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=493](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=493)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=494](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=494)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=495](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=495)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=496](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=496)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=497](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=497)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=498](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=498)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=499](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=499)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=500](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=500)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=501](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=501)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=502](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=502)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=503](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=503)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=504](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=504)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=505](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=505)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=506](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=506)\n\n**Line Number:** 24\n**Column:** 377\n**Source Object:** conn\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 398\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 370\n**Source Object:** stmt\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 27\n**Column:** 353\n**Source Object:** stmt\n**Number:** 27\n**Code:** stmt.setString(1, username);\n-----\n**Line Number:** 28\n**Column:** 353\n**Source Object:** stmt\n**Number:** 28\n**Code:** stmt.setString(2, comments);\n-----\n**Line Number:** 29\n**Column:** 365\n**Source Object:** execute\n**Number:** 29\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None None None None 82b6e67fea88a46706b742dee6eb877a58f0ef800b00de81d044714ae2d83f6b /root/contact.jsp",
+      "content": "Improper Resource Shutdown or Release (contact.jsp) N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=463](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=463)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=464](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=464)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=465](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=465)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=466](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=466)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=467](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=467)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=468](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=468)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=469](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=469)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=470](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=470)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=471](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=471)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=472](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=472)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=473](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=473)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=474](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=474)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=475](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=475)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=476](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=476)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=477](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=477)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=478](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=478)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=479](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=479)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=480](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=480)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=481](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=481)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=482](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=482)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=483](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=483)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=484](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=484)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=485](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=485)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=486](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=486)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=487](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=487)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=488](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=488)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=489](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=489)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=490](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=490)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=491](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=491)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=492](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=492)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=493](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=493)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=494](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=494)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=495](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=495)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=496](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=496)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=497](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=497)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=498](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=498)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=499](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=499)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=500](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=500)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=501](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=501)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=502](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=502)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=503](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=503)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=504](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=504)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=505](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=505)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=506](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=506)\n\n**Line Number:** 24\n**Column:** 377\n**Source Object:** conn\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 398\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 370\n**Source Object:** stmt\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 27\n**Column:** 353\n**Source Object:** stmt\n**Number:** 27\n**Code:** stmt.setString(1, username);\n-----\n**Line Number:** 28\n**Column:** 353\n**Source Object:** stmt\n**Number:** 28\n**Code:** stmt.setString(2, comments);\n-----\n**Line Number:** 29\n**Column:** 365\n**Source Object:** execute\n**Number:** 29\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None None None None 82b6e67fea88a46706b742dee6eb877a58f0ef800b00de81d044714ae2d83f6b /root/contact.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84518,7 +84518,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (login.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=333](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=333)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None None None None 52d4696d8c8726e0689f91c534c78682a24d80d83406ac7c6d7c4f2952d7c25e /root/login.jsp",
+      "content": "Reflected XSS All Clients (login.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=333](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=333)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None None None None 52d4696d8c8726e0689f91c534c78682a24d80d83406ac7c6d7c4f2952d7c25e /root/login.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84536,7 +84536,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (home.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=23](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=23)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None None None None 67622d1c580dd13b751a2f6684e3b1e764c0b2059520e9b6683c5b8a6560262a /root/home.jsp",
+      "content": "Use of Insufficiently Random Values (home.jsp) N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=23](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=23)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None None None None 67622d1c580dd13b751a2f6684e3b1e764c0b2059520e9b6683c5b8a6560262a /root/home.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84554,7 +84554,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (basket.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=339](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=339)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S1 None None None None None a580f877f77e73dc81f13869c40402119ff4a964e2cc48fe4dcca3fb0a5e19a9 /root/basket.jsp",
+      "content": "SQL Injection (basket.jsp) N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=339](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=339)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S1 None None None None None a580f877f77e73dc81f13869c40402119ff4a964e2cc48fe4dcca3fb0a5e19a9 /root/basket.jsp",
       "content_type": [
         "dojo",
         "test_import"
@@ -84590,7 +84590,7 @@
   },
   {
     "fields": {
-      "content": "Race Condition Format Flaw (product.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\" + nf.format(price) + \"\");\n-----\n N/A N/A None None  S3 None None b1306a4177b37bad4dbe763419df19ec56d7442262be5dfeff6d346b3b900ad1 /root/product.jsp None None None None None None None 262 N/A None BodgeIt ",
+      "content": "Race Condition Format Flaw (product.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\" + nf.format(price) + \"\");\n-----\n N/A N/A None None  S3 None None b1306a4177b37bad4dbe763419df19ec56d7442262be5dfeff6d346b3b900ad1 /root/product.jsp None None None None None None None 262 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "test_import"
@@ -84608,7 +84608,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (product.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None 59304c367c39a7f0983c4ef2f90a13207866a37422ff5cc03db07d0efe46aed2 /root/product.jsp None None None None None None None 263 N/A None BodgeIt ",
+      "content": "Stored XSS (product.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None 59304c367c39a7f0983c4ef2f90a13207866a37422ff5cc03db07d0efe46aed2 /root/product.jsp None None None None None None None 263 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "test_import"
@@ -84734,7 +84734,7 @@
   },
   {
     "fields": {
-      "content": "Apple Accounting Software Accounting software is typically composed of various modules, different sections dealing with particular areas of accounting. Among the most common are:\r\n\r\n**Core modules**\r\n\r\n* Accounts receivable—where the company enters money received\r\n* Accounts payable—where the company enters its bills and pays money it owes\r\n* General ledger—the company's \"books\"\r\n* Billing—where the company produces invoices to clients/customers 0 0 0 high web production purchased",
+      "content": "Apple Accounting Software Accounting software is typically composed of various modules, different sections dealing with particular areas of accounting. Among the most common are:\r\n\r\n**Core modules**\r\n\r\n* Accounts receivable\u2014where the company enters money received\r\n* Accounts payable\u2014where the company enters its bills and pays money it owes\r\n* General ledger\u2014the company's \"books\"\r\n* Billing\u2014where the company produces invoices to clients/customers 0 0 0 high web production purchased",
       "content_type": [
         "dojo",
         "tagulous_product_tags"
@@ -84842,7 +84842,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (login.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=333](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=333)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None 52d4696d8c8726e0689f91c534c78682a24d80d83406ac7c6d7c4f2952d7c25e /root/login.jsp None None None None None None None 276 N/A None BodgeIt ",
+      "content": "Reflected XSS All Clients (login.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=333](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=333)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None 52d4696d8c8726e0689f91c534c78682a24d80d83406ac7c6d7c4f2952d7c25e /root/login.jsp None None None None None None None 276 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "test_import"
@@ -84860,7 +84860,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (home.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=23](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=23)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None 67622d1c580dd13b751a2f6684e3b1e764c0b2059520e9b6683c5b8a6560262a /root/home.jsp None None None None None None None 277 N/A None BodgeIt ",
+      "content": "Use of Insufficiently Random Values (home.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=23](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=23)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None 67622d1c580dd13b751a2f6684e3b1e764c0b2059520e9b6683c5b8a6560262a /root/home.jsp None None None None None None None 277 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "test_import"
@@ -85652,7 +85652,7 @@
   },
   {
     "fields": {
-      "content": "Cross-site scripting (reflected) None High URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto alert(1)nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 alert(1)jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n \n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including \u003c \u003e \" ' and =, should be replaced with the corresponding HTML entities (\u0026lt; \u0026gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request that, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.\n\nThe attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.\n\nUsers can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site that causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).\n\nThe security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality that it contains, and the other applications that belong to the same domain and organization. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain that can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organization that owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application and exploiting users' trust in the organization in order to capture credentials for other applications that it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk. \n None None \n\n  * [Using Burp to Find XSS issues](https://support.portswigger.net/customer/portal/articles/1965737-Methodology_XSS.html)\n\n\n S1 None None None None None d0353a775431e2fcf6ba2245bba4a11a68a0961e4f6baba21095c56e4c52287c None",
+      "content": "Cross-site scripting (reflected) None High URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto alert(1)nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 alert(1)jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n \n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > \" ' and =, should be replaced with the corresponding HTML entities (&lt; &gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request that, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.\n\nThe attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.\n\nUsers can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site that causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).\n\nThe security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality that it contains, and the other applications that belong to the same domain and organization. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain that can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organization that owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application and exploiting users' trust in the organization in order to capture credentials for other applications that it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk. \n None None \n\n  * [Using Burp to Find XSS issues](https://support.portswigger.net/customer/portal/articles/1965737-Methodology_XSS.html)\n\n\n S1 None None None None None d0353a775431e2fcf6ba2245bba4a11a68a0961e4f6baba21095c56e4c52287c None",
       "content_type": [
         "dojo",
         "test_import"
@@ -86174,7 +86174,7 @@
   },
   {
     "fields": {
-      "content": "Errors unhandled.-G104 N/A Low Filename: /vagrant/go/src/govwa/setting/setting.go\nLine number: 66\nIssue Confidence: HIGH\n\nCode:\n_ = db.QueryRow(sql).Scan(\u0026version)\n coming soon  None None  S3 None None None None None 6a2543c093ae3492085ed185e29728240264e6b42d20e2594afa0e3bde0df7ed /vagrant/go/src/govwa/setting/setting.go",
+      "content": "Errors unhandled.-G104 N/A Low Filename: /vagrant/go/src/govwa/setting/setting.go\nLine number: 66\nIssue Confidence: HIGH\n\nCode:\n_ = db.QueryRow(sql).Scan(&version)\n coming soon  None None  S3 None None None None None 6a2543c093ae3492085ed185e29728240264e6b42d20e2594afa0e3bde0df7ed /vagrant/go/src/govwa/setting/setting.go",
       "content_type": [
         "dojo",
         "test_import"
@@ -86588,7 +86588,7 @@
   },
   {
     "fields": {
-      "content": "Cross-site scripting (reflected) None High URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto alert(1)nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 alert(1)jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n \n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including \u003c \u003e \" ' and =, should be replaced with the corresponding HTML entities (\u0026lt; \u0026gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request that, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.\n\nThe attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.\n\nUsers can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site that causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).\n\nThe security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality that it contains, and the other applications that belong to the same domain and organization. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain that can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organization that owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application and exploiting users' trust in the organization in order to capture credentials for other applications that it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk. \n None None \n\n  * [Using Burp to Find XSS issues](https://support.portswigger.net/customer/portal/articles/1965737-Methodology_XSS.html)\n\n\n S1 None None None None None d0353a775431e2fcf6ba2245bba4a11a68a0961e4f6baba21095c56e4c52287c None",
+      "content": "Cross-site scripting (reflected) None High URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto alert(1)nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 alert(1)jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n \n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > \" ' and =, should be replaced with the corresponding HTML entities (&lt; &gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request that, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.\n\nThe attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.\n\nUsers can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site that causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).\n\nThe security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality that it contains, and the other applications that belong to the same domain and organization. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain that can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organization that owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application and exploiting users' trust in the organization in order to capture credentials for other applications that it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk. \n None None \n\n  * [Using Burp to Find XSS issues](https://support.portswigger.net/customer/portal/articles/1965737-Methodology_XSS.html)\n\n\n S1 None None None None None d0353a775431e2fcf6ba2245bba4a11a68a0961e4f6baba21095c56e4c52287c None",
       "content_type": [
         "dojo",
         "test_import"
@@ -86840,7 +86840,7 @@
   },
   {
     "fields": {
-      "content": "Cross-Site Scripting (Reflected) None None None High URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto alert(1)nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 alert(1)jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n \n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including \u003c \u003e \" ' and =, should be replaced with the corresponding HTML entities (\u0026lt; \u0026gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request that, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.\n\nThe attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.\n\nUsers can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site that causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).\n\nThe security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality that it contains, and the other applications that belong to the same domain and organization. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain that can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organization that owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application and exploiting users' trust in the organization in order to capture credentials for other applications that it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk. \n None None \n\n  * [Using Burp to Find XSS issues](https://support.portswigger.net/customer/portal/articles/1965737-Methodology_XSS.html)\n\n\n S1 None None d0353a775431e2fcf6ba2245bba4a11a68a0961e4f6baba21095c56e4c52287c None None None None None None None None None None None 302 None None BodgeIt ",
+      "content": "Cross-Site Scripting (Reflected) None None None High URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto alert(1)nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 alert(1)jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n \n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > \" ' and =, should be replaced with the corresponding HTML entities (&lt; &gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request that, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.\n\nThe attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.\n\nUsers can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site that causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).\n\nThe security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality that it contains, and the other applications that belong to the same domain and organization. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain that can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organization that owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application and exploiting users' trust in the organization in order to capture credentials for other applications that it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk. \n None None \n\n  * [Using Burp to Find XSS issues](https://support.portswigger.net/customer/portal/articles/1965737-Methodology_XSS.html)\n\n\n S1 None None d0353a775431e2fcf6ba2245bba4a11a68a0961e4f6baba21095c56e4c52287c None None None None None None None None None None None 302 None None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -86858,7 +86858,7 @@
   },
   {
     "fields": {
-      "content": "Cross-Site Scripting (Reflected) None None None High URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto alert(1)nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 alert(1)jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n \n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including \u003c \u003e \" ' and =, should be replaced with the corresponding HTML entities (\u0026lt; \u0026gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request that, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.\n\nThe attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.\n\nUsers can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site that causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).\n\nThe security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality that it contains, and the other applications that belong to the same domain and organization. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain that can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organization that owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application and exploiting users' trust in the organization in order to capture credentials for other applications that it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk. \n None None \n\n  * [Using Burp to Find XSS issues](https://support.portswigger.net/customer/portal/articles/1965737-Methodology_XSS.html)\n\n\n S1 None None d0353a775431e2fcf6ba2245bba4a11a68a0961e4f6baba21095c56e4c52287c None None None None None None None None None None None 340 None None BodgeIt ",
+      "content": "Cross-Site Scripting (Reflected) None None None High URL: http://localhost:8888/bodgeit/search.jsp\n\nThe value of the **q** request parameter is copied into the HTML document as plain text between tags. The payload **k8fto alert(1)nwx3l** was submitted in the q parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\nURL: http://localhost:8888/bodgeit/register.jsp\n\nThe value of the **username** request parameter is copied into the HTML document as plain text between tags. The payload **yf136 alert(1)jledu** was submitted in the username parameter. This input was echoed unmodified in the application's response.  \n  \nThis proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.\n\n \n\nIn most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defenses:\n\n  * Input should be validated as strictly as possible on arrival, given the kind of content that it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitized.\n  * User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > \" ' and =, should be replaced with the corresponding HTML entities (&lt; &gt; etc).\n\n\n\nIn cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.\n Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request that, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.\n\nThe attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.\n\nUsers can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site that causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).\n\nThe security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality that it contains, and the other applications that belong to the same domain and organization. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain that can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organization that owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application and exploiting users' trust in the organization in order to capture credentials for other applications that it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk. \n None None \n\n  * [Using Burp to Find XSS issues](https://support.portswigger.net/customer/portal/articles/1965737-Methodology_XSS.html)\n\n\n S1 None None d0353a775431e2fcf6ba2245bba4a11a68a0961e4f6baba21095c56e4c52287c None None None None None None None None None None None 340 None None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -86948,7 +86948,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (basket.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S1 None None 3406086ac5988ee8b55f70c618daf86c21702bb3c4c00e4607e5c21c2e3d3828 /root/basket.jsp None None None None None None None None None None 145 N/A None BodgeIt ",
+      "content": "Reflected XSS All Clients (basket.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S1 None None 3406086ac5988ee8b55f70c618daf86c21702bb3c4c00e4607e5c21c2e3d3828 /root/basket.jsp None None None None None None None None None None 145 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -86966,7 +86966,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (basket.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S1 None None 3406086ac5988ee8b55f70c618daf86c21702bb3c4c00e4607e5c21c2e3d3828 /root/basket.jsp None None None None None None None None None None 13 N/A None BodgeIt ",
+      "content": "Reflected XSS All Clients (basket.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=332](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=332)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S1 None None 3406086ac5988ee8b55f70c618daf86c21702bb3c4c00e4607e5c21c2e3d3828 /root/basket.jsp None None None None None None None None None None 13 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87002,7 +87002,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "Reflected XSS All Clients (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "finding"
@@ -87020,7 +87020,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "Reflected XSS All Clients (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=330](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=330)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "finding"
@@ -87038,7 +87038,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (login.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=333](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=333)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None 52d4696d8c8726e0689f91c534c78682a24d80d83406ac7c6d7c4f2952d7c25e /root/login.jsp None None None None None None None None None None 276 N/A None BodgeIt ",
+      "content": "Reflected XSS All Clients (login.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=333](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=333)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None 52d4696d8c8726e0689f91c534c78682a24d80d83406ac7c6d7c4f2952d7c25e /root/login.jsp None None None None None None None None None None 276 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87056,7 +87056,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (register.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None 95568708fa568cc74c7ef8279b87869ebc932305da1878dbb1b7597c75a57bc1 /root/register.jsp None None None None None None None None None None 65 N/A None BodgeIt ",
+      "content": "Reflected XSS All Clients (register.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None 95568708fa568cc74c7ef8279b87869ebc932305da1878dbb1b7597c75a57bc1 /root/register.jsp None None None None None None None None None None 65 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87074,7 +87074,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (register.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None 95568708fa568cc74c7ef8279b87869ebc932305da1878dbb1b7597c75a57bc1 /root/register.jsp None None None None None None None None None None 197 N/A None BodgeIt ",
+      "content": "Reflected XSS All Clients (register.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=334](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=334)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S1 None None 95568708fa568cc74c7ef8279b87869ebc932305da1878dbb1b7597c75a57bc1 /root/register.jsp None None None None None None None None None None 197 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87092,7 +87092,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (search.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"alert(\\\"xss\\\")\") \u003e= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** You searched for: \u003c%= query %\u003e\n-----\n N/A N/A None None  S1 None None 86efaa45244686266a1c4f1aef52d60ce791dd4cb64feebe5b214db5838b8e06 /root/search.jsp None None None None None None None None None None 217 N/A None BodgeIt ",
+      "content": "Reflected XSS All Clients (search.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"alert(\\\"xss\\\")\") >= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** You searched for: <%= query %>\n-----\n N/A N/A None None  S1 None None 86efaa45244686266a1c4f1aef52d60ce791dd4cb64feebe5b214db5838b8e06 /root/search.jsp None None None None None None None None None None 217 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87110,7 +87110,7 @@
   },
   {
     "fields": {
-      "content": "Reflected XSS All Clients (search.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"alert(\\\"xss\\\")\") \u003e= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** You searched for: \u003c%= query %\u003e\n-----\n N/A N/A None None  S1 None None 86efaa45244686266a1c4f1aef52d60ce791dd4cb64feebe5b214db5838b8e06 /root/search.jsp None None None None None None None None None None 85 N/A None BodgeIt ",
+      "content": "Reflected XSS All Clients (search.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=331](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=331)\n\n**Line Number:** 10\n**Column:** 395\n**Source Object:** \"\"q\"\"\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 394\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** query\n**Number:** 10\n**Code:** String query = (String) request.getParameter(\"q\");\n-----\n**Line Number:** 13\n**Column:** 362\n**Source Object:** query\n**Number:** 13\n**Code:** if (query.replaceAll(\"\\\\s\", \"\").toLowerCase().indexOf(\"alert(\\\"xss\\\")\") >= 0) {\n-----\n**Line Number:** 18\n**Column:** 380\n**Source Object:** query\n**Number:** 18\n**Code:** You searched for: <%= query %>\n-----\n N/A N/A None None  S1 None None 86efaa45244686266a1c4f1aef52d60ce791dd4cb64feebe5b214db5838b8e06 /root/search.jsp None None None None None None None None None None 85 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87128,7 +87128,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (basket.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=339](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=339)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S1 None None a580f877f77e73dc81f13869c40402119ff4a964e2cc48fe4dcca3fb0a5e19a9 /root/basket.jsp None None None None None None None None None None 278 N/A None BodgeIt ",
+      "content": "SQL Injection (basket.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=339](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=339)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S1 None None a580f877f77e73dc81f13869c40402119ff4a964e2cc48fe4dcca3fb0a5e19a9 /root/basket.jsp None None None None None None None None None None 278 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87146,7 +87146,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (login.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S1 None None 9878411e3b89bc832e58fa15e46d19e2e607309d3df9f152114d5ff62f95f0ce /root/login.jsp None None None None None None None None None None 45 N/A None BodgeIt ",
+      "content": "SQL Injection (login.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S1 None None 9878411e3b89bc832e58fa15e46d19e2e607309d3df9f152114d5ff62f95f0ce /root/login.jsp None None None None None None None None None None 45 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87164,7 +87164,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (login.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S1 None None 9878411e3b89bc832e58fa15e46d19e2e607309d3df9f152114d5ff62f95f0ce /root/login.jsp None None None None None None None None None None 177 N/A None BodgeIt ",
+      "content": "SQL Injection (login.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=340)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=341)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=342)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=343)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S1 None None 9878411e3b89bc832e58fa15e46d19e2e607309d3df9f152114d5ff62f95f0ce /root/login.jsp None None None None None None None None None None 177 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87182,7 +87182,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (password.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S1 None None 684ee38b55ea509e6c2be4a58ec52ba5d7e0c1952e09f8c8ca2bf0675650bd8f /root/password.jsp None None None None None None None None None None 18 N/A None BodgeIt ",
+      "content": "SQL Injection (password.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S1 None None 684ee38b55ea509e6c2be4a58ec52ba5d7e0c1952e09f8c8ca2bf0675650bd8f /root/password.jsp None None None None None None None None None None 18 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87200,7 +87200,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (password.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S1 None None 684ee38b55ea509e6c2be4a58ec52ba5d7e0c1952e09f8c8ca2bf0675650bd8f /root/password.jsp None None None None None None None None None None 150 N/A None BodgeIt ",
+      "content": "SQL Injection (password.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=344)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=345)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S1 None None 684ee38b55ea509e6c2be4a58ec52ba5d7e0c1952e09f8c8ca2bf0675650bd8f /root/password.jsp None None None None None None None None None None 150 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87218,7 +87218,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (register.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S1 None None c49c87192b6b4f17151a471fd9d1bf3b302bca08781d67806c6556fe720af1b0 /root/register.jsp None None None None None None None None None None 8 N/A None BodgeIt ",
+      "content": "SQL Injection (register.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S1 None None c49c87192b6b4f17151a471fd9d1bf3b302bca08781d67806c6556fe720af1b0 /root/register.jsp None None None None None None None None None None 8 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87236,7 +87236,7 @@
   },
   {
     "fields": {
-      "content": "SQL Injection (register.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S1 None None c49c87192b6b4f17151a471fd9d1bf3b302bca08781d67806c6556fe720af1b0 /root/register.jsp None None None None None None None None None None 140 N/A None BodgeIt ",
+      "content": "SQL Injection (register.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=346)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S1 None None c49c87192b6b4f17151a471fd9d1bf3b302bca08781d67806c6556fe720af1b0 /root/register.jsp None None None None None None None None None None 140 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87254,7 +87254,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (admin.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S1 None None 1f91fef184e69387463ce9719fe9756145e16e76d39609aa5fa3e0eaa1274d05 /root/admin.jsp None None None None None None None None None None 51 N/A None BodgeIt ",
+      "content": "Stored XSS (admin.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S1 None None 1f91fef184e69387463ce9719fe9756145e16e76d39609aa5fa3e0eaa1274d05 /root/admin.jsp None None None None None None None None None None 51 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87272,7 +87272,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (admin.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S1 None None 1f91fef184e69387463ce9719fe9756145e16e76d39609aa5fa3e0eaa1274d05 /root/admin.jsp None None None None None None None None None None 183 N/A None BodgeIt ",
+      "content": "Stored XSS (admin.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=375](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=375)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=376](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=376)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S1 None None 1f91fef184e69387463ce9719fe9756145e16e76d39609aa5fa3e0eaa1274d05 /root/admin.jsp None None None None None None None None None None 183 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87290,7 +87290,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (basket.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S1 None None 99fb15b31049df2445ac3fd8729cbccbc6a19e4e410c3eb0ef95908c00b78fd7 /root/basket.jsp None None None None None None None None None None 151 N/A None BodgeIt ",
+      "content": "Stored XSS (basket.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S1 None None 99fb15b31049df2445ac3fd8729cbccbc6a19e4e410c3eb0ef95908c00b78fd7 /root/basket.jsp None None None None None None None None None None 151 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87308,7 +87308,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (basket.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S1 None None 99fb15b31049df2445ac3fd8729cbccbc6a19e4e410c3eb0ef95908c00b78fd7 /root/basket.jsp None None None None None None None None None None 19 N/A None BodgeIt ",
+      "content": "Stored XSS (basket.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=377](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=377)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=378](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=378)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=379](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=379)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=380](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=380)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S1 None None 99fb15b31049df2445ac3fd8729cbccbc6a19e4e410c3eb0ef95908c00b78fd7 /root/basket.jsp None None None None None None None None None None 19 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87326,7 +87326,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S1 None None 9384efff38eaa33266a2f5888dea18392a0e8b658b770fcfed268f06d3a1052d /root/contact.jsp None None None None None None None None None None 258 N/A None BodgeIt ",
+      "content": "Stored XSS (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S1 None None 9384efff38eaa33266a2f5888dea18392a0e8b658b770fcfed268f06d3a1052d /root/contact.jsp None None None None None None None None None None 258 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87344,7 +87344,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S1 None None 9384efff38eaa33266a2f5888dea18392a0e8b658b770fcfed268f06d3a1052d /root/contact.jsp None None None None None None None None None None 126 N/A None BodgeIt ",
+      "content": "Stored XSS (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=386](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=386)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 89\n**Column:** 401\n**Source Object:** getAttribute\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S1 None None 9384efff38eaa33266a2f5888dea18392a0e8b658b770fcfed268f06d3a1052d /root/contact.jsp None None None None None None None None None None 126 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87362,7 +87362,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n N/A N/A None None  S1 None None 2dc7787335253be93ebb64d3ad632116363f3a5821c070db4cc28c18a0eee09e /root/contact.jsp None None None None None None None None None None 90 N/A None BodgeIt ",
+      "content": "Stored XSS (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n N/A N/A None None  S1 None None 2dc7787335253be93ebb64d3ad632116363f3a5821c070db4cc28c18a0eee09e /root/contact.jsp None None None None None None None None None None 90 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87380,7 +87380,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n N/A N/A None None  S1 None None 2dc7787335253be93ebb64d3ad632116363f3a5821c070db4cc28c18a0eee09e /root/contact.jsp None None None None None None None None None None 222 N/A None BodgeIt ",
+      "content": "Stored XSS (contact.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=381](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=381)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=382](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=382)\n\n**Line Number:** 63\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 63\n**Column:** 352\n**Source Object:** rs\n**Number:** 63\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 66\n**Column:** 359\n**Source Object:** rs\n**Number:** 66\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 68\n**Column:** 411\n**Source Object:** rs\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 423\n**Source Object:** getString\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n**Line Number:** 68\n**Column:** 364\n**Source Object:** println\n**Number:** 68\n**Code:** out.println(\"\" + rs.getString(\"name\") + \"\" + rs.getString(\"comment\") + \"\");\n-----\n N/A N/A None None  S1 None None 2dc7787335253be93ebb64d3ad632116363f3a5821c070db4cc28c18a0eee09e /root/contact.jsp None None None None None None None None None None 222 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87398,7 +87398,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (home.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None 0007a2df1ab7dc00f2144451d894f513c7d872e1153a0759982a8c866001cc02 /root/home.jsp None None None None None None None None None None 63 N/A None BodgeIt ",
+      "content": "Stored XSS (home.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None 0007a2df1ab7dc00f2144451d894f513c7d872e1153a0759982a8c866001cc02 /root/home.jsp None None None None None None None None None None 63 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87416,7 +87416,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (home.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None 0007a2df1ab7dc00f2144451d894f513c7d872e1153a0759982a8c866001cc02 /root/home.jsp None None None None None None None None None None 195 N/A None BodgeIt ",
+      "content": "Stored XSS (home.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=383](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=383)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=384](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=384)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=385](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=385)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None 0007a2df1ab7dc00f2144451d894f513c7d872e1153a0759982a8c866001cc02 /root/home.jsp None None None None None None None None None None 195 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87434,7 +87434,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (product.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None 59304c367c39a7f0983c4ef2f90a13207866a37422ff5cc03db07d0efe46aed2 /root/product.jsp None None None None None None None None None None 263 N/A None BodgeIt ",
+      "content": "Stored XSS (product.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None 59304c367c39a7f0983c4ef2f90a13207866a37422ff5cc03db07d0efe46aed2 /root/product.jsp None None None None None None None None None None 263 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87452,7 +87452,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (product.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None 59304c367c39a7f0983c4ef2f90a13207866a37422ff5cc03db07d0efe46aed2 /root/product.jsp None None None None None None None None None None 131 N/A None BodgeIt ",
+      "content": "Stored XSS (product.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=387](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=387)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=388](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=388)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=389](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=389)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=390](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=390)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=391](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=391)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=392](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=392)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=393](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=393)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=394](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=394)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=395](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=395)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=396](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=396)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=397](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=397)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=398](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=398)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=399](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=399)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=400](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=400)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=401](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=401)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=402](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=402)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=403](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=403)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=404](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=404)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=405](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=405)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=406](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=406)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=407](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=407)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S1 None None 59304c367c39a7f0983c4ef2f90a13207866a37422ff5cc03db07d0efe46aed2 /root/product.jsp None None None None None None None None None None 131 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87470,7 +87470,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (score.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S1 None None 926d5bb4d3abbed178afd6c5ffb752e6774908ad90893262c187e71e3197f31d /root/score.jsp None None None None None None None None None None 234 N/A None BodgeIt ",
+      "content": "Stored XSS (score.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S1 None None 926d5bb4d3abbed178afd6c5ffb752e6774908ad90893262c187e71e3197f31d /root/score.jsp None None None None None None None None None None 234 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87488,7 +87488,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (score.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S1 None None 926d5bb4d3abbed178afd6c5ffb752e6774908ad90893262c187e71e3197f31d /root/score.jsp None None None None None None None None None None 102 N/A None BodgeIt ",
+      "content": "Stored XSS (score.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=408](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=408)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=409](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=409)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=410](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=410)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=411](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=411)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=412](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=412)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=413](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=413)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S1 None None 926d5bb4d3abbed178afd6c5ffb752e6774908ad90893262c187e71e3197f31d /root/score.jsp None None None None None None None None None None 102 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87506,7 +87506,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (search.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** \u003c%= output %\u003e\n-----\n N/A N/A None None  S1 None None 38321299050d31a3b8168316e30316d786236785a9c31427fb6f2631d3065a7c /root/search.jsp None None None None None None None None None None 189 N/A None BodgeIt ",
+      "content": "Stored XSS (search.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** <%= output %>\n-----\n N/A N/A None None  S1 None None 38321299050d31a3b8168316e30316d786236785a9c31427fb6f2631d3065a7c /root/search.jsp None None None None None None None None None None 189 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87524,7 +87524,7 @@
   },
   {
     "fields": {
-      "content": "Stored XSS (search.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** \u003c%= output %\u003e\n-----\n N/A N/A None None  S1 None None 38321299050d31a3b8168316e30316d786236785a9c31427fb6f2631d3065a7c /root/search.jsp None None None None None None None None None None 57 N/A None BodgeIt ",
+      "content": "Stored XSS (search.jsp) None None N/A High **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=414](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=414)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Python\n**Group:** Java High Risk\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=415](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=415)\n\n**Line Number:** 34\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 34\n**Column:** 352\n**Source Object:** rs\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 38\n**Column:** 373\n**Source Object:** rs\n**Number:** 38\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 42\n**Column:** 398\n**Source Object:** rs\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 42\n**Column:** 410\n**Source Object:** getString\n**Number:** 42\n**Code:** \"\" + rs.getString(\"PRICE\") + \"\\n\");\n-----\n**Line Number:** 39\n**Column:** 392\n**Source Object:** concat\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 39\n**Column:** 370\n**Source Object:** output\n**Number:** 39\n**Code:** output = output.concat(\"\" + rs.getString(\"PRODUCT\") +\n-----\n**Line Number:** 49\n**Column:** 355\n**Source Object:** output\n**Number:** 49\n**Code:** <%= output %>\n-----\n N/A N/A None None  S1 None None 38321299050d31a3b8168316e30316d786236785a9c31427fb6f2631d3065a7c /root/search.jsp None None None None None None None None None None 57 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87866,7 +87866,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S2 None None d818b17afca02a70991162f0cf5fbb16d2fef322b72c5c77b4c32bd209b3dc02 /root/basket.jsp None None None None None None None None None None 101 N/A None BodgeIt ",
+      "content": "CGI Reflected XSS All Clients (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S2 None None d818b17afca02a70991162f0cf5fbb16d2fef322b72c5c77b4c32bd209b3dc02 /root/basket.jsp None None None None None None None None None None 101 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87884,7 +87884,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S2 None None d818b17afca02a70991162f0cf5fbb16d2fef322b72c5c77b4c32bd209b3dc02 /root/basket.jsp None None None None None None None None None None 233 N/A None BodgeIt ",
+      "content": "CGI Reflected XSS All Clients (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=735](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=735)\n\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 141\n**Column:** 386\n**Source Object:** basketId\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n**Line Number:** 141\n**Column:** 363\n**Source Object:** println\n**Number:** 141\n**Code:** out.println(\"DEBUG basketid = \" + basketId + \"\");\n-----\n N/A N/A None None  S2 None None d818b17afca02a70991162f0cf5fbb16d2fef322b72c5c77b4c32bd209b3dc02 /root/basket.jsp None None None None None None None None None None 233 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87902,7 +87902,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (contact.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "CGI Reflected XSS All Clients (contact.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "finding"
@@ -87920,7 +87920,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (contact.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "CGI Reflected XSS All Clients (contact.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=734](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=734)\n\n**Line Number:** 11\n**Column:** 398\n**Source Object:** \"\"comments\"\"\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 11\n**Column:** 357\n**Source Object:** comments\n**Number:** 11\n**Code:** String comments = (String) request.getParameter(\"comments\");\n-----\n**Line Number:** 19\n**Column:** 363\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "finding"
@@ -87938,7 +87938,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None 7be257602d73f6146bbd1c6c4ab4970db0867933a1d2e87675770529b841d800 /root/login.jsp None None None None None None None None None None 170 N/A None BodgeIt ",
+      "content": "CGI Reflected XSS All Clients (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None 7be257602d73f6146bbd1c6c4ab4970db0867933a1d2e87675770529b841d800 /root/login.jsp None None None None None None None None None None 170 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87956,7 +87956,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None 7be257602d73f6146bbd1c6c4ab4970db0867933a1d2e87675770529b841d800 /root/login.jsp None None None None None None None None None None 38 N/A None BodgeIt ",
+      "content": "CGI Reflected XSS All Clients (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=736](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=736)\n\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 46\n**Column:** 380\n**Source Object:** basketId\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 46\n**Column:** 354\n**Source Object:** debug\n**Number:** 46\n**Code:** debug += \" basketid = \" + basketId;\n-----\n**Line Number:** 78\n**Column:** 375\n**Source Object:** debug\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 78\n**Column:** 362\n**Source Object:** println\n**Number:** 78\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None 7be257602d73f6146bbd1c6c4ab4970db0867933a1d2e87675770529b841d800 /root/login.jsp None None None None None None None None None None 38 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87974,7 +87974,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None a91b30b026cda759c2608e1c8216cdd13e265c030b8c47f4690cd2182e4ad166 /root/register.jsp None None None None None None None None None None 15 N/A None BodgeIt ",
+      "content": "CGI Reflected XSS All Clients (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None a91b30b026cda759c2608e1c8216cdd13e265c030b8c47f4690cd2182e4ad166 /root/register.jsp None None None None None None None None None None 15 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -87992,7 +87992,7 @@
   },
   {
     "fields": {
-      "content": "CGI Reflected XSS All Clients (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None a91b30b026cda759c2608e1c8216cdd13e265c030b8c47f4690cd2182e4ad166 /root/register.jsp None None None None None None None None None None 147 N/A None BodgeIt ",
+      "content": "CGI Reflected XSS All Clients (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=737](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=737)\n\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 57\n**Column:** 405\n**Source Object:** basketId\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 57\n**Column:** 354\n**Source Object:** debug\n**Number:** 57\n**Code:** debug +=  \" userId = \" + userid + \" basketId = \" + basketId;\n-----\n**Line Number:** 96\n**Column:** 375\n**Source Object:** debug\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n**Line Number:** 96\n**Column:** 362\n**Source Object:** println\n**Number:** 96\n**Code:** out.println(\"DEBUG: \" + debug + \"\");\n-----\n N/A N/A None None  S2 None None a91b30b026cda759c2608e1c8216cdd13e265c030b8c47f4690cd2182e4ad166 /root/register.jsp None None None None None None None None None None 147 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88010,7 +88010,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (admin.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S2 None None 45fe7a9d8b946b2cbc6aaf8b5e36608cc629e5f388f91433664d3c2f19a29991 /root/admin.jsp None None None None None None None None None None 223 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (admin.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S2 None None 45fe7a9d8b946b2cbc6aaf8b5e36608cc629e5f388f91433664d3c2f19a29991 /root/admin.jsp None None None None None None None None None None 223 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88028,7 +88028,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (admin.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S2 None None 45fe7a9d8b946b2cbc6aaf8b5e36608cc629e5f388f91433664d3c2f19a29991 /root/admin.jsp None None None None None None None None None None 91 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (admin.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=742](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=742)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=743](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=743)\n\n**Line Number:** 16\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 16\n**Column:** 352\n**Source Object:** rs\n**Number:** 16\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 19\n**Column:** 359\n**Source Object:** rs\n**Number:** 19\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 22\n**Column:** 406\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 369\n**Source Object:** rs\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 22\n**Column:** 381\n**Source Object:** getString\n**Number:** 22\n**Code:** \"\" + rs.getString(\"type\") + \"\" + rs.getInt(\"currentbasketid\") + \"\");\n-----\n**Line Number:** 21\n**Column:** 364\n**Source Object:** println\n**Number:** 21\n**Code:** out.println(\"\" + rs.getInt(\"userid\") + \"\" + rs.getString(\"name\") +\n-----\n N/A N/A None None  S2 None None 45fe7a9d8b946b2cbc6aaf8b5e36608cc629e5f388f91433664d3c2f19a29991 /root/admin.jsp None None None None None None None None None None 91 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88046,7 +88046,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S2 None None 9e3aa3082f7d93e52f9bfe97630e9fd6f6c04c5791dd22505ab238d1a6bf9242 /root/basket.jsp None None None None None None None None None None 82 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S2 None None 9e3aa3082f7d93e52f9bfe97630e9fd6f6c04c5791dd22505ab238d1a6bf9242 /root/basket.jsp None None None None None None None None None None 82 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88064,7 +88064,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S2 None None 9e3aa3082f7d93e52f9bfe97630e9fd6f6c04c5791dd22505ab238d1a6bf9242 /root/basket.jsp None None None None None None None None None None 214 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=744](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=744)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=745](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=745)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=746](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=746)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=747](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=747)\n\n**Line Number:** 242\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 242\n**Column:** 352\n**Source Object:** rs\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 248\n**Column:** 359\n**Source Object:** rs\n**Number:** 248\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 250\n**Column:** 370\n**Source Object:** rs\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 382\n**Source Object:** getString\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 250\n**Column:** 360\n**Source Object:** product\n**Number:** 250\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 257\n**Column:** 436\n**Source Object:** product\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n**Line Number:** 257\n**Column:** 364\n**Source Object:** println\n**Number:** 257\n**Code:** out.println(\"\" + product + \"\");\n-----\n N/A N/A None None  S2 None None 9e3aa3082f7d93e52f9bfe97630e9fd6f6c04c5791dd22505ab238d1a6bf9242 /root/basket.jsp None None None None None None None None None None 214 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88082,7 +88082,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (header.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n N/A N/A None None  S2 None None d6251c8822044d55511b364098e264ca2113391d999c6aefe5c1cca3743e2f2d /root/header.jsp None None None None None None None None None None 96 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (header.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n N/A N/A None None  S2 None None d6251c8822044d55511b364098e264ca2113391d999c6aefe5c1cca3743e2f2d /root/header.jsp None None None None None None None None None None 96 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88100,7 +88100,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (header.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n N/A N/A None None  S2 None None d6251c8822044d55511b364098e264ca2113391d999c6aefe5c1cca3743e2f2d /root/header.jsp None None None None None None None None None None 228 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (header.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=753](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=753)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 14\n**Column:** 38\n**Source Object:** getAttribute\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 14\n**Column:** 10\n**Source Object:** username\n**Number:** 14\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 29\n**Column:** 52\n**Source Object:** username\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n**Line Number:** 29\n**Column:** 8\n**Source Object:** println\n**Number:** 29\n**Code:** out.println(\"User: \" + username + \"\");\n-----\n N/A N/A None None  S2 None None d6251c8822044d55511b364098e264ca2113391d999c6aefe5c1cca3743e2f2d /root/header.jsp None None None None None None None None None None 228 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88118,7 +88118,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None 541eb71776b2d297f9aa790c52297b4f7d26acb0bce7de33bda136fdefe43cb7 /root/home.jsp None None None None None None None None None None 152 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None 541eb71776b2d297f9aa790c52297b4f7d26acb0bce7de33bda136fdefe43cb7 /root/home.jsp None None None None None None None None None None 152 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88136,7 +88136,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None 541eb71776b2d297f9aa790c52297b4f7d26acb0bce7de33bda136fdefe43cb7 /root/home.jsp None None None None None None None None None None 20 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=750](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=750)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=751](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=751)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=752](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=752)\n\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 353\n**Source Object:** rs\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 26\n**Column:** 357\n**Source Object:** rs\n**Number:** 26\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 28\n**Column:** 371\n**Source Object:** rs\n**Number:** 28\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 29\n**Column:** 368\n**Source Object:** rs\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 380\n**Source Object:** getString\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 29\n**Column:** 361\n**Source Object:** type\n**Number:** 29\n**Code:** String type = rs.getString(\"type\");\n-----\n**Line Number:** 32\n**Column:** 384\n**Source Object:** type\n**Number:** 32\n**Code:** product + \"\" + type + \"\" + nf.format(price) + \"\");\n-----\n**Line Number:** 31\n**Column:** 365\n**Source Object:** println\n**Number:** 31\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None 541eb71776b2d297f9aa790c52297b4f7d26acb0bce7de33bda136fdefe43cb7 /root/home.jsp None None None None None None None None None None 20 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88154,7 +88154,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None 1aec22aeffa8b6201ad60b0a0d2b166ddbaefca6ab534bbc4d2a827bc02f5c20 /root/product.jsp None None None None None None None None None None 207 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None 1aec22aeffa8b6201ad60b0a0d2b166ddbaefca6ab534bbc4d2a827bc02f5c20 /root/product.jsp None None None None None None None None None None 207 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88172,7 +88172,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None 1aec22aeffa8b6201ad60b0a0d2b166ddbaefca6ab534bbc4d2a827bc02f5c20 /root/product.jsp None None None None None None None None None None 75 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=754](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=754)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=755](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=755)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=756](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=756)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=757](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=757)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=758](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=758)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=759](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=759)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=760](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=760)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=761](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=761)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=762](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=762)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=763](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=763)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=764](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=764)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=765](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=765)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=766](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=766)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=767](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=767)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=768](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=768)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=769](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=769)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=770](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=770)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 42\n**Column:** 353\n**Source Object:** rs\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 45\n**Column:** 360\n**Source Object:** rs\n**Number:** 45\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 47\n**Column:** 371\n**Source Object:** rs\n**Number:** 47\n**Code:** String product = rs.getString(\"product\");\n-----\n**Line Number:** 48\n**Column:** 373\n**Source Object:** rs\n**Number:** 48\n**Code:** BigDecimal price = rs.getBigDecimal(\"price\");\n-----\n**Line Number:** 50\n**Column:** 379\n**Source Object:** rs\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 50\n**Column:** 391\n**Source Object:** getString\n**Number:** 50\n**Code:** product + \"\" + rs.getString(\"type\")+\n-----\n**Line Number:** 49\n**Column:** 365\n**Source Object:** println\n**Number:** 49\n**Code:** out.println(\"\" +\n-----\n N/A N/A None None  S2 None None 1aec22aeffa8b6201ad60b0a0d2b166ddbaefca6ab534bbc4d2a827bc02f5c20 /root/product.jsp None None None None None None None None None None 75 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88190,7 +88190,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (score.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S2 None None 60fff62e2e1d2383da91886a96d64905e184a3044037dc2595c3ccf28faacd6c /root/score.jsp None None None None None None None None None None 179 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (score.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S2 None None 60fff62e2e1d2383da91886a96d64905e184a3044037dc2595c3ccf28faacd6c /root/score.jsp None None None None None None None None None None 179 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88208,7 +88208,7 @@
   },
   {
     "fields": {
-      "content": "CGI Stored XSS (score.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S2 None None 60fff62e2e1d2383da91886a96d64905e184a3044037dc2595c3ccf28faacd6c /root/score.jsp None None None None None None None None None None 47 N/A None BodgeIt ",
+      "content": "CGI Stored XSS (score.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=771](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=771)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=772](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=772)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=773](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=773)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=774](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=774)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=775](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=775)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=776](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=776)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 353\n**Source Object:** rs\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 17\n**Column:** 360\n**Source Object:** rs\n**Number:** 17\n**Code:** while (rs.next()) {\n-----\n**Line Number:** 19\n**Column:** 375\n**Source Object:** rs\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 387\n**Source Object:** getString\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n**Line Number:** 19\n**Column:** 365\n**Source Object:** println\n**Number:** 19\n**Code:** out.println(\"\" + rs.getString(\"description\") + \"\");\n-----\n N/A N/A None None  S2 None None 60fff62e2e1d2383da91886a96d64905e184a3044037dc2595c3ccf28faacd6c /root/score.jsp None None None None None None None None None None 47 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88226,7 +88226,7 @@
   },
   {
     "fields": {
-      "content": "Client Cross Frame Scripting Attack (advanced.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None 51b52607f2a5915cd128ba4e24ce8e22ba019757f074a0ebc27c33d91a55378b /root/advanced.jsp None None None None None None None None None None 165 N/A None BodgeIt ",
+      "content": "Client Cross Frame Scripting Attack (advanced.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None 51b52607f2a5915cd128ba4e24ce8e22ba019757f074a0ebc27c33d91a55378b /root/advanced.jsp None None None None None None None None None None 165 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88244,7 +88244,7 @@
   },
   {
     "fields": {
-      "content": "Client Cross Frame Scripting Attack (advanced.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None 51b52607f2a5915cd128ba4e24ce8e22ba019757f074a0ebc27c33d91a55378b /root/advanced.jsp None None None None None None None None None None 33 N/A None BodgeIt ",
+      "content": "Client Cross Frame Scripting Attack (advanced.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** JavaScript\n**Group:** JavaScript Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=81)\n\n**Line Number:** 1\n**Column:** 1\n**Source Object:** CxJSNS_1557034993\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None 51b52607f2a5915cd128ba4e24ce8e22ba019757f074a0ebc27c33d91a55378b /root/advanced.jsp None None None None None None None None None None 33 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88262,7 +88262,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (admin.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 75a93a572c186be5fe7f5221a64306b5b35dddf605b5e231ffc74442bd3728a4 /root/admin.jsp None None None None None None None None None None 52 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (admin.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 75a93a572c186be5fe7f5221a64306b5b35dddf605b5e231ffc74442bd3728a4 /root/admin.jsp None None None None None None None None None None 52 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88280,7 +88280,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (admin.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 75a93a572c186be5fe7f5221a64306b5b35dddf605b5e231ffc74442bd3728a4 /root/admin.jsp None None None None None None None None None None 184 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (admin.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=285)\n\n**Line Number:** 1\n**Column:** 621\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 75a93a572c186be5fe7f5221a64306b5b35dddf605b5e231ffc74442bd3728a4 /root/admin.jsp None None None None None None None None None None 184 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88298,7 +88298,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (advanced.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None ea8b569d6c5fe9dba625c6540acd9880534f7a19a5bf4b84fb838ad65d08d26f /root/advanced.jsp None None None None None None None None None None 138 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (advanced.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None ea8b569d6c5fe9dba625c6540acd9880534f7a19a5bf4b84fb838ad65d08d26f /root/advanced.jsp None None None None None None None None None None 138 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88316,7 +88316,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (advanced.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None ea8b569d6c5fe9dba625c6540acd9880534f7a19a5bf4b84fb838ad65d08d26f /root/advanced.jsp None None None None None None None None None None 270 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (advanced.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=286)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=287)\n\n**Line Number:** 1\n**Column:** 778\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None ea8b569d6c5fe9dba625c6540acd9880534f7a19a5bf4b84fb838ad65d08d26f /root/advanced.jsp None None None None None None None None None None 270 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88334,7 +88334,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=288](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=288)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=289](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=289)\n\n**Line Number:** 1\n**Column:** 680\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n N/A N/A None None  S2 None None f6025b614c1d26ee95556ebcb50473f42a57f04d7653abfd132e98baff1b433e /root/basket.jsp None None None None None None None None None None 272 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=288](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=288)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=289](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=289)\n\n**Line Number:** 1\n**Column:** 680\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n N/A N/A None None  S2 None None f6025b614c1d26ee95556ebcb50473f42a57f04d7653abfd132e98baff1b433e /root/basket.jsp None None None None None None None None None None 272 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88352,7 +88352,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (header.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n N/A N/A None None  S2 None None bef5f29fc5d5f44cef3dd5db1aaeeb5f2e5d7480a197045e6d176f0ab26b5fa2 /root/header.jsp None None None None None None None None None None 77 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (header.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n N/A N/A None None  S2 None None bef5f29fc5d5f44cef3dd5db1aaeeb5f2e5d7480a197045e6d176f0ab26b5fa2 /root/header.jsp None None None None None None None None None None 77 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88370,7 +88370,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (header.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n N/A N/A None None  S2 None None bef5f29fc5d5f44cef3dd5db1aaeeb5f2e5d7480a197045e6d176f0ab26b5fa2 /root/header.jsp None None None None None None None None None None 209 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (header.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=284)\n\n**Line Number:** 87\n**Column:** 10\n**Source Object:** forName\n**Number:** 87\n**Code:** Class.forName(\"org.hsqldb.jdbcDriver\" );\n-----\n N/A N/A None None  S2 None None bef5f29fc5d5f44cef3dd5db1aaeeb5f2e5d7480a197045e6d176f0ab26b5fa2 /root/header.jsp None None None None None None None None None None 209 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88388,7 +88388,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 3988a18fe8f515ab1f92c649f43f20d33e8e8692d00a9dc80f2863342b522698 /root/home.jsp None None None None None None None None None None 175 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 3988a18fe8f515ab1f92c649f43f20d33e8e8692d00a9dc80f2863342b522698 /root/home.jsp None None None None None None None None None None 175 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88406,7 +88406,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 3988a18fe8f515ab1f92c649f43f20d33e8e8692d00a9dc80f2863342b522698 /root/home.jsp None None None None None None None None None None 43 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=294)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=295)\n\n**Line Number:** 1\n**Column:** 640\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 3988a18fe8f515ab1f92c649f43f20d33e8e8692d00a9dc80f2863342b522698 /root/home.jsp None None None None None None None None None None 43 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88424,7 +88424,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298)\n\n N/A N/A None None  S2 None None a9c3269038ed8a49c4e7576b359f61a65a3bd82c163089bc20743e5a14aa0ab5 /root/login.jsp None None None None None None None None None None 141 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298)\n\n N/A N/A None None  S2 None None a9c3269038ed8a49c4e7576b359f61a65a3bd82c163089bc20743e5a14aa0ab5 /root/login.jsp None None None None None None None None None None 141 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88442,7 +88442,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=298)\n\n N/A N/A None None  S2 None None a9c3269038ed8a49c4e7576b359f61a65a3bd82c163089bc20743e5a14aa0ab5 /root/login.jsp None None None None None None None None None None 9 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=298)\n\n N/A N/A None None  S2 None None a9c3269038ed8a49c4e7576b359f61a65a3bd82c163089bc20743e5a14aa0ab5 /root/login.jsp None None None None None None None None None None 9 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88460,7 +88460,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 945eb840563ed9b29b08ff0838d391e775d2e45f26817ad0b321b41e608564cf /root/password.jsp None None None None None None None None None None 199 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 945eb840563ed9b29b08ff0838d391e775d2e45f26817ad0b321b41e608564cf /root/password.jsp None None None None None None None None None None 199 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88478,7 +88478,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 945eb840563ed9b29b08ff0838d391e775d2e45f26817ad0b321b41e608564cf /root/password.jsp None None None None None None None None None None 67 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=299)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=300)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=301)\n\n**Line Number:** 1\n**Column:** 625\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 945eb840563ed9b29b08ff0838d391e775d2e45f26817ad0b321b41e608564cf /root/password.jsp None None None None None None None None None None 67 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88496,7 +88496,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 92b54561d5d262a88920162ba7bf19fc0444975582be837047cab5d79c992447 /root/product.jsp None None None None None None None None None None 187 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 92b54561d5d262a88920162ba7bf19fc0444975582be837047cab5d79c992447 /root/product.jsp None None None None None None None None None None 187 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88514,7 +88514,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 92b54561d5d262a88920162ba7bf19fc0444975582be837047cab5d79c992447 /root/product.jsp None None None None None None None None None None 55 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=302)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=303)\n\n**Line Number:** 1\n**Column:** 643\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 92b54561d5d262a88920162ba7bf19fc0444975582be837047cab5d79c992447 /root/product.jsp None None None None None None None None None None 55 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88532,7 +88532,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305)\n\n N/A N/A None None  S2 None None 62f3875efdcf326015adee1ecd85c4ecdca5bc9c4719e5c9177dff8b0afffa1f /root/register.jsp None None None None None None None None None None 62 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305)\n\n N/A N/A None None  S2 None None 62f3875efdcf326015adee1ecd85c4ecdca5bc9c4719e5c9177dff8b0afffa1f /root/register.jsp None None None None None None None None None None 62 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88550,7 +88550,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=305)\n\n N/A N/A None None  S2 None None 62f3875efdcf326015adee1ecd85c4ecdca5bc9c4719e5c9177dff8b0afffa1f /root/register.jsp None None None None None None None None None None 194 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=304)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=305)\n\n N/A N/A None None  S2 None None 62f3875efdcf326015adee1ecd85c4ecdca5bc9c4719e5c9177dff8b0afffa1f /root/register.jsp None None None None None None None None None None 194 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88568,7 +88568,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (score.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307)\n\n N/A N/A None None  S2 None None 6e270eb7494286a67571f0d33112e997365a0de45a119ef8199d270c32d806ab /root/score.jsp None None None None None None None None None None 200 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (score.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307)\n\n N/A N/A None None  S2 None None 6e270eb7494286a67571f0d33112e997365a0de45a119ef8199d270c32d806ab /root/score.jsp None None None None None None None None None None 200 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88586,7 +88586,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (score.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=307)\n\n N/A N/A None None  S2 None None 6e270eb7494286a67571f0d33112e997365a0de45a119ef8199d270c32d806ab /root/score.jsp None None None None None None None None None None 68 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (score.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=306)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=307)\n\n N/A N/A None None  S2 None None 6e270eb7494286a67571f0d33112e997365a0de45a119ef8199d270c32d806ab /root/score.jsp None None None None None None None None None None 68 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88604,7 +88604,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (search.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S2 None None 7a001d11b5d7d20f5215658fc735a31e530696faddeae3eacf81662d4870e89a /root/search.jsp None None None None None None None None None None 110 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (search.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S2 None None 7a001d11b5d7d20f5215658fc735a31e530696faddeae3eacf81662d4870e89a /root/search.jsp None None None None None None None None None None 110 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88622,7 +88622,7 @@
   },
   {
     "fields": {
-      "content": "Download of Code Without Integrity Check (search.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S2 None None 7a001d11b5d7d20f5215658fc735a31e530696faddeae3eacf81662d4870e89a /root/search.jsp None None None None None None None None None None 242 N/A None BodgeIt ",
+      "content": "Download of Code Without Integrity Check (search.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=308)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=309)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** forName\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S2 None None 7a001d11b5d7d20f5215658fc735a31e530696faddeae3eacf81662d4870e89a /root/search.jsp None None None None None None None None None None 242 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88640,7 +88640,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (advanced.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None b755a0cc07b69b72eb284df102459af7c502318c53c769999ec925d0da354d44 /root/advanced.jsp None None None None None None None None None None 117 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (advanced.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None b755a0cc07b69b72eb284df102459af7c502318c53c769999ec925d0da354d44 /root/advanced.jsp None None None None None None None None None None 117 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88658,7 +88658,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (advanced.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S2 None None b755a0cc07b69b72eb284df102459af7c502318c53c769999ec925d0da354d44 /root/advanced.jsp None None None None None None None None None None 249 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (advanced.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=790)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=791)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n**Line Number:** 1\n**Column:** 860\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S2 None None b755a0cc07b69b72eb284df102459af7c502318c53c769999ec925d0da354d44 /root/advanced.jsp None None None None None None None None None None 249 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88676,7 +88676,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n N/A N/A None None  S2 None None 4568d7e34ac50ab291c955c8acb368e5abe73de05bd3080e2efc7b00f329600f /root/basket.jsp None None None None None None None None None None 50 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n N/A N/A None None  S2 None None 4568d7e34ac50ab291c955c8acb368e5abe73de05bd3080e2efc7b00f329600f /root/basket.jsp None None None None None None None None None None 50 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88694,7 +88694,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n N/A N/A None None  S2 None None 4568d7e34ac50ab291c955c8acb368e5abe73de05bd3080e2efc7b00f329600f /root/basket.jsp None None None None None None None None None None 182 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=792)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=793)\n\n**Line Number:** 1\n**Column:** 792\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 762\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n N/A N/A None None  S2 None None 4568d7e34ac50ab291c955c8acb368e5abe73de05bd3080e2efc7b00f329600f /root/basket.jsp None None None None None None None None None None 182 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88712,7 +88712,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (contact.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 964aeee36e5998da77d3229f43830d362838d860d9e30c415fb58e9686a49625 /root/contact.jsp None None None None None None None None None None 40 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (contact.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 964aeee36e5998da77d3229f43830d362838d860d9e30c415fb58e9686a49625 /root/contact.jsp None None None None None None None None None None 40 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88730,7 +88730,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (contact.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 964aeee36e5998da77d3229f43830d362838d860d9e30c415fb58e9686a49625 /root/contact.jsp None None None None None None None None None None 172 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (contact.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=794)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=795)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 704\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 964aeee36e5998da77d3229f43830d362838d860d9e30c415fb58e9686a49625 /root/contact.jsp None None None None None None None None None None 172 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88748,7 +88748,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (dbconnection.jspf) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None e57ed13a66f4041fa377af4db5110a50a8f4a67e0c7c2b3e955e4118844a2904 /root/dbconnection.jspf None None None None None None None None None None 173 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (dbconnection.jspf) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None e57ed13a66f4041fa377af4db5110a50a8f4a67e0c7c2b3e955e4118844a2904 /root/dbconnection.jspf None None None None None None None None None None 173 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88766,7 +88766,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (dbconnection.jspf) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None e57ed13a66f4041fa377af4db5110a50a8f4a67e0c7c2b3e955e4118844a2904 /root/dbconnection.jspf None None None None None None None None None None 41 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (dbconnection.jspf) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=796)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=797)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 643\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None e57ed13a66f4041fa377af4db5110a50a8f4a67e0c7c2b3e955e4118844a2904 /root/dbconnection.jspf None None None None None None None None None None 41 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88784,7 +88784,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 13ceb3acfb49f194493bfb0af44f5f886a9767aa1c6990c8a397af756d97209c /root/home.jsp None None None None None None None None None None 24 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 13ceb3acfb49f194493bfb0af44f5f886a9767aa1c6990c8a397af756d97209c /root/home.jsp None None None None None None None None None None 24 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88802,7 +88802,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 13ceb3acfb49f194493bfb0af44f5f886a9767aa1c6990c8a397af756d97209c /root/home.jsp None None None None None None None None None None 156 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=798)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=799)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 722\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 13ceb3acfb49f194493bfb0af44f5f886a9767aa1c6990c8a397af756d97209c /root/home.jsp None None None None None None None None None None 156 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88820,7 +88820,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (init.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 148a501a59e0d04eb52b5cd58b4d654b4a7883e8ad09dcd5801e775113a1000d /root/init.jsp None None None None None None None None None None 59 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (init.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 148a501a59e0d04eb52b5cd58b4d654b4a7883e8ad09dcd5801e775113a1000d /root/init.jsp None None None None None None None None None None 59 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88838,7 +88838,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (init.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 148a501a59e0d04eb52b5cd58b4d654b4a7883e8ad09dcd5801e775113a1000d /root/init.jsp None None None None None None None None None None 191 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (init.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=800)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=801)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2619\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 148a501a59e0d04eb52b5cd58b4d654b4a7883e8ad09dcd5801e775113a1000d /root/init.jsp None None None None None None None None None None 191 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88856,7 +88856,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802)\n\n N/A N/A None None  S2 None None fd480c121d5e26af3fb8c7ec89137aab25d86e44ff154f5aae742384cf80a2dd /root/login.jsp None None None None None None None None None None 248 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802)\n\n N/A N/A None None  S2 None None fd480c121d5e26af3fb8c7ec89137aab25d86e44ff154f5aae742384cf80a2dd /root/login.jsp None None None None None None None None None None 248 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88874,7 +88874,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=802)\n\n N/A N/A None None  S2 None None fd480c121d5e26af3fb8c7ec89137aab25d86e44ff154f5aae742384cf80a2dd /root/login.jsp None None None None None None None None None None 116 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=802)\n\n N/A N/A None None  S2 None None fd480c121d5e26af3fb8c7ec89137aab25d86e44ff154f5aae742384cf80a2dd /root/login.jsp None None None None None None None None None None 116 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88892,7 +88892,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None d947020e418c747ee99a0accd491030f65895189aefea2a96a390b3e843a9905 /root/password.jsp None None None None None None None None None None 34 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None d947020e418c747ee99a0accd491030f65895189aefea2a96a390b3e843a9905 /root/password.jsp None None None None None None None None None None 34 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88910,7 +88910,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None d947020e418c747ee99a0accd491030f65895189aefea2a96a390b3e843a9905 /root/password.jsp None None None None None None None None None None 166 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=803)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=804)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=805)\n\n**Line Number:** 1\n**Column:** 737\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 707\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None d947020e418c747ee99a0accd491030f65895189aefea2a96a390b3e843a9905 /root/password.jsp None None None None None None None None None None 166 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88928,7 +88928,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None bfd9b74841c8d988d57c99353742f1e3180934ca6be2149a3fb7377329b57b33 /root/product.jsp None None None None None None None None None None 148 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None bfd9b74841c8d988d57c99353742f1e3180934ca6be2149a3fb7377329b57b33 /root/product.jsp None None None None None None None None None None 148 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88946,7 +88946,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None bfd9b74841c8d988d57c99353742f1e3180934ca6be2149a3fb7377329b57b33 /root/product.jsp None None None None None None None None None None 16 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (product.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=806)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=807)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 725\n**Source Object:** getConnection\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None bfd9b74841c8d988d57c99353742f1e3180934ca6be2149a3fb7377329b57b33 /root/product.jsp None None None None None None None None None None 16 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88964,7 +88964,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (search.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S2 None None 775723c89fdaed1cc6b85ecc489c028159d261e95e7ad4ad80d03ddd63bc99ea /root/search.jsp None None None None None None None None None None 81 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (search.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S2 None None 775723c89fdaed1cc6b85ecc489c028159d261e95e7ad4ad80d03ddd63bc99ea /root/search.jsp None None None None None None None None None None 81 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -88982,7 +88982,7 @@
   },
   {
     "fields": {
-      "content": "Hardcoded Password in Connection String (search.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S2 None None 775723c89fdaed1cc6b85ecc489c028159d261e95e7ad4ad80d03ddd63bc99ea /root/search.jsp None None None None None None None None None None 213 N/A None BodgeIt ",
+      "content": "Hardcoded Password in Connection String (search.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=812)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=813)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S2 None None 775723c89fdaed1cc6b85ecc489c028159d261e95e7ad4ad80d03ddd63bc99ea /root/search.jsp None None None None None None None None None None 213 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89000,7 +89000,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (init.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 28820e0352bb80a1d3c1085204cfeb522ddd29ee680ae46350260bf63359646f /root/init.jsp None None None None None None None None None None 265 N/A None BodgeIt ",
+      "content": "Heap Inspection (init.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 28820e0352bb80a1d3c1085204cfeb522ddd29ee680ae46350260bf63359646f /root/init.jsp None None None None None None None None None None 265 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89018,7 +89018,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (init.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 28820e0352bb80a1d3c1085204cfeb522ddd29ee680ae46350260bf63359646f /root/init.jsp None None None None None None None None None None 133 N/A None BodgeIt ",
+      "content": "Heap Inspection (init.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=118)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=119)\n\n**Line Number:** 1\n**Column:** 563\n**Source Object:** passwordSize\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 28820e0352bb80a1d3c1085204cfeb522ddd29ee680ae46350260bf63359646f /root/init.jsp None None None None None None None None None None 133 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89036,7 +89036,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (login.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n N/A N/A None None  S2 None None 78439e5edd436844bb6dc527f6effe0836b88b0fb946747b7f957da95b479fc2 /root/login.jsp None None None None None None None None None None 54 N/A None BodgeIt ",
+      "content": "Heap Inspection (login.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n N/A N/A None None  S2 None None 78439e5edd436844bb6dc527f6effe0836b88b0fb946747b7f957da95b479fc2 /root/login.jsp None None None None None None None None None None 54 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89054,7 +89054,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (login.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n N/A N/A None None  S2 None None 78439e5edd436844bb6dc527f6effe0836b88b0fb946747b7f957da95b479fc2 /root/login.jsp None None None None None None None None None None 186 N/A None BodgeIt ",
+      "content": "Heap Inspection (login.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=114)\n\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n N/A N/A None None  S2 None None 78439e5edd436844bb6dc527f6effe0836b88b0fb946747b7f957da95b479fc2 /root/login.jsp None None None None None None None None None None 186 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89072,7 +89072,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (password.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None 2237f06cb695ec1da91d51cab9fb037d8a9e84f1aa9ddbfeef59eef1a65af47e /root/password.jsp None None None None None None None None None None 26 N/A None BodgeIt ",
+      "content": "Heap Inspection (password.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None 2237f06cb695ec1da91d51cab9fb037d8a9e84f1aa9ddbfeef59eef1a65af47e /root/password.jsp None None None None None None None None None None 26 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89090,7 +89090,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (password.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None 2237f06cb695ec1da91d51cab9fb037d8a9e84f1aa9ddbfeef59eef1a65af47e /root/password.jsp None None None None None None None None None None 158 N/A None BodgeIt ",
+      "content": "Heap Inspection (password.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=115)\n\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None 2237f06cb695ec1da91d51cab9fb037d8a9e84f1aa9ddbfeef59eef1a65af47e /root/password.jsp None None None None None None None None None None 158 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89108,7 +89108,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (register.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None 6e5f6914b0e963152cff1f6b9fe1c39a2f177979e6885bdbac5bd88f1d40d8cd /root/register.jsp None None None None None None None None None None 92 N/A None BodgeIt ",
+      "content": "Heap Inspection (register.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None 6e5f6914b0e963152cff1f6b9fe1c39a2f177979e6885bdbac5bd88f1d40d8cd /root/register.jsp None None None None None None None None None None 92 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89126,7 +89126,7 @@
   },
   {
     "fields": {
-      "content": "Heap Inspection (register.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None 6e5f6914b0e963152cff1f6b9fe1c39a2f177979e6885bdbac5bd88f1d40d8cd /root/register.jsp None None None None None None None None None None 224 N/A None BodgeIt ",
+      "content": "Heap Inspection (register.jsp) None None N/A Medium **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=116)\n\n**Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=117)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** password1\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n N/A N/A None None  S2 None None 6e5f6914b0e963152cff1f6b9fe1c39a2f177979e6885bdbac5bd88f1d40d8cd /root/register.jsp None None None None None None None None None None 224 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89144,7 +89144,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 06cd6507296edca41e97d652a873c31230bf98fa8bdeab477fedb680ff606932 /root/basket.jsp None None None None None None None None None None 193 N/A None BodgeIt ",
+      "content": "HttpOnlyCookies (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 06cd6507296edca41e97d652a873c31230bf98fa8bdeab477fedb680ff606932 /root/basket.jsp None None None None None None None None None None 193 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89162,7 +89162,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 06cd6507296edca41e97d652a873c31230bf98fa8bdeab477fedb680ff606932 /root/basket.jsp None None None None None None None None None None 61 N/A None BodgeIt ",
+      "content": "HttpOnlyCookies (basket.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=58)\n\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 06cd6507296edca41e97d652a873c31230bf98fa8bdeab477fedb680ff606932 /root/basket.jsp None None None None None None None None None None 61 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89180,7 +89180,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 93595b491f79115f85df3ef403cfc4ecd34e22dedf95aa24fbc18f56039d26f3 /root/login.jsp None None None None None None None None None None 259 N/A None BodgeIt ",
+      "content": "HttpOnlyCookies (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 93595b491f79115f85df3ef403cfc4ecd34e22dedf95aa24fbc18f56039d26f3 /root/login.jsp None None None None None None None None None None 259 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89198,7 +89198,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 93595b491f79115f85df3ef403cfc4ecd34e22dedf95aa24fbc18f56039d26f3 /root/login.jsp None None None None None None None None None None 127 N/A None BodgeIt ",
+      "content": "HttpOnlyCookies (login.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=59)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=60)\n\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 93595b491f79115f85df3ef403cfc4ecd34e22dedf95aa24fbc18f56039d26f3 /root/login.jsp None None None None None None None None None None 127 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89216,7 +89216,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 24e74e8be8b222cf0b17c034d03c5b43a130c2b960095eb44c55f470e50f6924 /root/register.jsp None None None None None None None None None None 14 N/A None BodgeIt ",
+      "content": "HttpOnlyCookies (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 24e74e8be8b222cf0b17c034d03c5b43a130c2b960095eb44c55f470e50f6924 /root/register.jsp None None None None None None None None None None 14 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89234,7 +89234,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 24e74e8be8b222cf0b17c034d03c5b43a130c2b960095eb44c55f470e50f6924 /root/register.jsp None None None None None None None None None None 146 N/A None BodgeIt ",
+      "content": "HttpOnlyCookies (register.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=61)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=62)\n\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n N/A N/A None None  S2 None None 24e74e8be8b222cf0b17c034d03c5b43a130c2b960095eb44c55f470e50f6924 /root/register.jsp None None None None None None None None None None 146 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89252,7 +89252,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies in Config (web.xml) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S2 None None 7d3502f71ea947677c3ae5e39ae8da99c7024c3820a1c546bbdfe3ea4a0fdfc0 /build/WEB-INF/web.xml None None None None None None None None None None 98 N/A None BodgeIt ",
+      "content": "HttpOnlyCookies in Config (web.xml) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S2 None None 7d3502f71ea947677c3ae5e39ae8da99c7024c3820a1c546bbdfe3ea4a0fdfc0 /build/WEB-INF/web.xml None None None None None None None None None None 98 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89270,7 +89270,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies in Config (web.xml) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S2 None None 7d3502f71ea947677c3ae5e39ae8da99c7024c3820a1c546bbdfe3ea4a0fdfc0 /build/WEB-INF/web.xml None None None None None None None None None None 230 N/A None BodgeIt ",
+      "content": "HttpOnlyCookies in Config (web.xml) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=64](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=64)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S2 None None 7d3502f71ea947677c3ae5e39ae8da99c7024c3820a1c546bbdfe3ea4a0fdfc0 /build/WEB-INF/web.xml None None None None None None None None None None 230 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89288,7 +89288,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies in Config (web.xml) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65)\n\n N/A N/A None None  S2 None None b29d81fdf7a5477a7badd1a47406a27deb12b90d0b3db17f567344d1ec24e65c /root/WEB-INF/web.xml None None None None None None None None None None 167 N/A None BodgeIt ",
+      "content": "HttpOnlyCookies in Config (web.xml) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65)\n\n N/A N/A None None  S2 None None b29d81fdf7a5477a7badd1a47406a27deb12b90d0b3db17f567344d1ec24e65c /root/WEB-INF/web.xml None None None None None None None None None None 167 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89306,7 +89306,7 @@
   },
   {
     "fields": {
-      "content": "HttpOnlyCookies in Config (web.xml) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=65)\n\n N/A N/A None None  S2 None None b29d81fdf7a5477a7badd1a47406a27deb12b90d0b3db17f567344d1ec24e65c /root/WEB-INF/web.xml None None None None None None None None None None 35 N/A None BodgeIt ",
+      "content": "HttpOnlyCookies in Config (web.xml) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.7 - Cross-site scripting (XSS),OWASP Top 10 2013;A3-Cross-Site Scripting (XSS)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=65)\n\n N/A N/A None None  S2 None None b29d81fdf7a5477a7badd1a47406a27deb12b90d0b3db17f567344d1ec24e65c /root/WEB-INF/web.xml None None None None None None None None None None 35 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89324,7 +89324,7 @@
   },
   {
     "fields": {
-      "content": "Session Fixation (AdvancedSearch.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n N/A N/A None None  S2 None None f24533b1fc628061c2037eb55ffe66aed6bfa2436fadaf6e424e4905ed238e21 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 56 N/A None BodgeIt ",
+      "content": "Session Fixation (AdvancedSearch.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n N/A N/A None None  S2 None None f24533b1fc628061c2037eb55ffe66aed6bfa2436fadaf6e424e4905ed238e21 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 56 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89342,7 +89342,7 @@
   },
   {
     "fields": {
-      "content": "Session Fixation (AdvancedSearch.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n N/A N/A None None  S2 None None f24533b1fc628061c2037eb55ffe66aed6bfa2436fadaf6e424e4905ed238e21 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 188 N/A None BodgeIt ",
+      "content": "Session Fixation (AdvancedSearch.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=55)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=56)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=57)\n\n**Line Number:** 48\n**Column:** 38\n**Source Object:** setAttribute\n**Number:** 48\n**Code:** this.session.setAttribute(\"key\", this.encryptKey);\n-----\n N/A N/A None None  S2 None None f24533b1fc628061c2037eb55ffe66aed6bfa2436fadaf6e424e4905ed238e21 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 188 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89360,7 +89360,7 @@
   },
   {
     "fields": {
-      "content": "Session Fixation (logout.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n N/A N/A None None  S2 None None 08569015fcc466a18ab405324d0dfe6af4b141110e47b73226ea117ecd44ff10 /root/logout.jsp None None None None None None None None None None 247 N/A None BodgeIt ",
+      "content": "Session Fixation (logout.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n N/A N/A None None  S2 None None 08569015fcc466a18ab405324d0dfe6af4b141110e47b73226ea117ecd44ff10 /root/logout.jsp None None None None None None None None None None 247 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89378,7 +89378,7 @@
   },
   {
     "fields": {
-      "content": "Session Fixation (logout.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n N/A N/A None None  S2 None None 08569015fcc466a18ab405324d0dfe6af4b141110e47b73226ea117ecd44ff10 /root/logout.jsp None None None None None None None None None None 115 N/A None BodgeIt ",
+      "content": "Session Fixation (logout.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=49)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=50)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=51)\n\n**Line Number:** 3\n**Column:** 370\n**Source Object:** setAttribute\n**Number:** 3\n**Code:** session.setAttribute(\"username\", null);\n-----\n N/A N/A None None  S2 None None 08569015fcc466a18ab405324d0dfe6af4b141110e47b73226ea117ecd44ff10 /root/logout.jsp None None None None None None None None None None 115 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89396,7 +89396,7 @@
   },
   {
     "fields": {
-      "content": "Trust Boundary Violation (login.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S2 None None 9ec4ce27f48767b96297ef3cb8eabba1814ea08a02801692a669540c5a7ce019 /root/login.jsp None None None None None None None None None None 28 N/A None BodgeIt ",
+      "content": "Trust Boundary Violation (login.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S2 None None 9ec4ce27f48767b96297ef3cb8eabba1814ea08a02801692a669540c5a7ce019 /root/login.jsp None None None None None None None None None None 28 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89414,7 +89414,7 @@
   },
   {
     "fields": {
-      "content": "Trust Boundary Violation (login.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S2 None None 9ec4ce27f48767b96297ef3cb8eabba1814ea08a02801692a669540c5a7ce019 /root/login.jsp None None None None None None None None None None 160 N/A None BodgeIt ",
+      "content": "Trust Boundary Violation (login.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=815)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S2 None None 9ec4ce27f48767b96297ef3cb8eabba1814ea08a02801692a669540c5a7ce019 /root/login.jsp None None None None None None None None None None 160 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89432,7 +89432,7 @@
   },
   {
     "fields": {
-      "content": "Use of Cryptographically Weak PRNG (contact.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=14](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=14)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None 39052e0796f538556f2cc6c00b63fbed65ab036a874c9ed0672e6825d68602a2 /root/contact.jsp None None None None None None None None None None 274 N/A None BodgeIt ",
+      "content": "Use of Cryptographically Weak PRNG (contact.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=14](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=14)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None 39052e0796f538556f2cc6c00b63fbed65ab036a874c9ed0672e6825d68602a2 /root/contact.jsp None None None None None None None None None None 274 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89450,7 +89450,7 @@
   },
   {
     "fields": {
-      "content": "Use of Cryptographically Weak PRNG (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None 05880cd0576bed75819cae74abce873fdcce5f857ec95d937a458b0ca0a49195 /root/home.jsp None None None None None None None None None None 159 N/A None BodgeIt ",
+      "content": "Use of Cryptographically Weak PRNG (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None 05880cd0576bed75819cae74abce873fdcce5f857ec95d937a458b0ca0a49195 /root/home.jsp None None None None None None None None None None 159 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89468,7 +89468,7 @@
   },
   {
     "fields": {
-      "content": "Use of Cryptographically Weak PRNG (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None 05880cd0576bed75819cae74abce873fdcce5f857ec95d937a458b0ca0a49195 /root/home.jsp None None None None None None None None None None 27 N/A None BodgeIt ",
+      "content": "Use of Cryptographically Weak PRNG (home.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=15)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None 05880cd0576bed75819cae74abce873fdcce5f857ec95d937a458b0ca0a49195 /root/home.jsp None None None None None None None None None None 27 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89486,7 +89486,7 @@
   },
   {
     "fields": {
-      "content": "Use of Cryptographically Weak PRNG (init.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None afa0b4d8453f20629d5863f0cb1b8d4e31bf2e8c4476db973a78731ffcf08bd2 /root/init.jsp None None None None None None None None None None 206 N/A None BodgeIt ",
+      "content": "Use of Cryptographically Weak PRNG (init.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None afa0b4d8453f20629d5863f0cb1b8d4e31bf2e8c4476db973a78731ffcf08bd2 /root/init.jsp None None None None None None None None None None 206 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89504,7 +89504,7 @@
   },
   {
     "fields": {
-      "content": "Use of Cryptographically Weak PRNG (init.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None afa0b4d8453f20629d5863f0cb1b8d4e31bf2e8c4476db973a78731ffcf08bd2 /root/init.jsp None None None None None None None None None None 74 N/A None BodgeIt ",
+      "content": "Use of Cryptographically Weak PRNG (init.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=16)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None afa0b4d8453f20629d5863f0cb1b8d4e31bf2e8c4476db973a78731ffcf08bd2 /root/init.jsp None None None None None None None None None None 74 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89522,7 +89522,7 @@
   },
   {
     "fields": {
-      "content": "Use of Hard Coded Cryptographic Key (AES.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n N/A N/A None None  S2 None None 779b4fe3dd494b8c323ddb7cb879f60051ac263904a16ac65af5a210cf797c0b /src/com/thebodgeitstore/util/AES.java None None None None None None None None None None 99 N/A None BodgeIt ",
+      "content": "Use of Hard Coded Cryptographic Key (AES.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n N/A N/A None None  S2 None None 779b4fe3dd494b8c323ddb7cb879f60051ac263904a16ac65af5a210cf797c0b /src/com/thebodgeitstore/util/AES.java None None None None None None None None None None 99 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89540,7 +89540,7 @@
   },
   {
     "fields": {
-      "content": "Use of Hard Coded Cryptographic Key (AES.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n N/A N/A None None  S2 None None 779b4fe3dd494b8c323ddb7cb879f60051ac263904a16ac65af5a210cf797c0b /src/com/thebodgeitstore/util/AES.java None None None None None None None None None None 231 N/A None BodgeIt ",
+      "content": "Use of Hard Coded Cryptographic Key (AES.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=779)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=780)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=781)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=782)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=783)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=784)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=785)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=786)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=787)\n\n**Line Number:** 50\n**Column:** 43\n**Source Object:** \"\"AES/ECB/NoPadding\"\"\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 42\n**Source Object:** getInstance\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n**Line Number:** 50\n**Column:** 19\n**Source Object:** c2\n**Number:** 50\n**Code:** Cipher c2 = Cipher.getInstance(\"AES/ECB/NoPadding\");\n-----\n N/A N/A None None  S2 None None 779b4fe3dd494b8c323ddb7cb879f60051ac263904a16ac65af5a210cf797c0b /src/com/thebodgeitstore/util/AES.java None None None None None None None None None None 231 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89558,7 +89558,7 @@
   },
   {
     "fields": {
-      "content": "Use of Hard Coded Cryptographic Key (AdvancedSearch.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n N/A N/A None None  S2 None None d68d7152bc4b3f069aa236ff41cab28da77d7e668b77cb4de10ae8bf7a2e85be /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 88 N/A None BodgeIt ",
+      "content": "Use of Hard Coded Cryptographic Key (AdvancedSearch.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n N/A N/A None None  S2 None None d68d7152bc4b3f069aa236ff41cab28da77d7e668b77cb4de10ae8bf7a2e85be /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 88 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89576,7 +89576,7 @@
   },
   {
     "fields": {
-      "content": "Use of Hard Coded Cryptographic Key (AdvancedSearch.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n N/A N/A None None  S2 None None d68d7152bc4b3f069aa236ff41cab28da77d7e668b77cb4de10ae8bf7a2e85be /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 220 N/A None BodgeIt ",
+      "content": "Use of Hard Coded Cryptographic Key (AdvancedSearch.java) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.4 - Insecure communications,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=778)\n\n**Line Number:** 47\n**Column:** 70\n**Source Object:** 0\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 69\n**Source Object:** substring\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 47\n**Column:** 17\n**Source Object:** encryptKey\n**Number:** 47\n**Code:** this.encryptKey = UUID.randomUUID().toString().substring(0, 16);\n-----\n**Line Number:** 17\n**Column:** 374\n**Source Object:** AdvancedSearch\n**Number:** 17\n**Code:** AdvancedSearch as = new AdvancedSearch(request, session, conn);\n-----\n**Line Number:** 18\n**Column:** 357\n**Source Object:** as\n**Number:** 18\n**Code:** if(as.isAjax()){\n-----\n**Line Number:** 26\n**Column:** 20\n**Source Object:** encryptKey\n**Number:** 26\n**Code:** private String encryptKey = null;\n-----\n N/A N/A None None  S2 None None d68d7152bc4b3f069aa236ff41cab28da77d7e668b77cb4de10ae8bf7a2e85be /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 220 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89594,7 +89594,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (contact.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None 78ceea05b00023deec3b210877d332bf03d07b237e8339f508a18c62b1146f88 /root/contact.jsp None None None None None None None None None None 257 N/A None BodgeIt ",
+      "content": "Use of Insufficiently Random Values (contact.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None 78ceea05b00023deec3b210877d332bf03d07b237e8339f508a18c62b1146f88 /root/contact.jsp None None None None None None None None None None 257 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89612,7 +89612,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (contact.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None 78ceea05b00023deec3b210877d332bf03d07b237e8339f508a18c62b1146f88 /root/contact.jsp None None None None None None None None None None 125 N/A None BodgeIt ",
+      "content": "Use of Insufficiently Random Values (contact.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=22)\n\n**Line Number:** 54\n**Column:** 377\n**Source Object:** random\n**Number:** 54\n**Code:** anticsrf = \"\" + Math.random();\n-----\n N/A N/A None None  S2 None None 78ceea05b00023deec3b210877d332bf03d07b237e8339f508a18c62b1146f88 /root/contact.jsp None None None None None None None None None None 125 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89630,7 +89630,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (home.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=23](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=23)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None 67622d1c580dd13b751a2f6684e3b1e764c0b2059520e9b6683c5b8a6560262a /root/home.jsp None None None None None None None None None None 277 N/A None BodgeIt ",
+      "content": "Use of Insufficiently Random Values (home.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=23](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=23)\n\n**Line Number:** 24\n**Column:** 469\n**Source Object:** random\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n N/A N/A None None  S2 None None 67622d1c580dd13b751a2f6684e3b1e764c0b2059520e9b6683c5b8a6560262a /root/home.jsp None None None None None None None None None None 277 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89648,7 +89648,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (init.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 2fe1558daec12a621f0504714bee44be8d382a57c7cdda160ddad8a2e8b8ca48 /root/init.jsp None None None None None None None None None None 83 N/A None BodgeIt ",
+      "content": "Use of Insufficiently Random Values (init.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 2fe1558daec12a621f0504714bee44be8d382a57c7cdda160ddad8a2e8b8ca48 /root/init.jsp None None None None None None None None None None 83 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89666,7 +89666,7 @@
   },
   {
     "fields": {
-      "content": "Use of Insufficiently Random Values (init.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S2 None None 2fe1558daec12a621f0504714bee44be8d382a57c7cdda160ddad8a2e8b8ca48 /root/init.jsp None None None None None None None None None None 215 N/A None BodgeIt ",
+      "content": "Use of Insufficiently Random Values (init.jsp) None None N/A Medium **Category:** \n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=24)\n\n**Line Number:** 1\n**Column:** 599\n**Source Object:** random\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S2 None None 2fe1558daec12a621f0504714bee44be8d382a57c7cdda160ddad8a2e8b8ca48 /root/init.jsp None None None None None None None None None None 215 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89684,7 +89684,7 @@
   },
   {
     "fields": {
-      "content": "XSRF (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S2 None None 371010ba334ccc433d73bf0c9cdaec557d5f7ec338c6f925d8a71763a228d473 /root/password.jsp None None None None None None None None None None 269 N/A None BodgeIt ",
+      "content": "XSRF (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S2 None None 371010ba334ccc433d73bf0c9cdaec557d5f7ec338c6f925d8a71763a228d473 /root/password.jsp None None None None None None None None None None 269 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89702,7 +89702,7 @@
   },
   {
     "fields": {
-      "content": "XSRF (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S2 None None 371010ba334ccc433d73bf0c9cdaec557d5f7ec338c6f925d8a71763a228d473 /root/password.jsp None None None None None None None None None None 137 N/A None BodgeIt ",
+      "content": "XSRF (password.jsp) None None N/A Medium **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=821)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=822)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=823)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=824)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=825)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=826)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=827)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=828)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=829)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=830)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=831)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=832)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=833)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.9 - Cross-site request forgery,OWASP Top 10 2013;A8-Cross-Site Request Forgery (CSRF)\n**Language:** Java\n**Group:** Java Medium Threat\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=834)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S2 None None 371010ba334ccc433d73bf0c9cdaec557d5f7ec338c6f925d8a71763a228d473 /root/password.jsp None None None None None None None None None None 137 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -89774,7 +89774,7 @@
   },
   {
     "fields": {
-      "content": "Errors Unhandled.-G104 None None N/A Low Filename: /vagrant/go/src/govwa/setting/setting.go\nLine number: 66\nIssue Confidence: HIGH\n\nCode:\n_ = db.QueryRow(sql).Scan(\u0026version)\n coming soon  None None  S3 None None 6a2543c093ae3492085ed185e29728240264e6b42d20e2594afa0e3bde0df7ed /vagrant/go/src/govwa/setting/setting.go None None None None None None None None None None 326 N/A None BodgeIt ",
+      "content": "Errors Unhandled.-G104 None None N/A Low Filename: /vagrant/go/src/govwa/setting/setting.go\nLine number: 66\nIssue Confidence: HIGH\n\nCode:\n_ = db.QueryRow(sql).Scan(&version)\n coming soon  None None  S3 None None 6a2543c093ae3492085ed185e29728240264e6b42d20e2594afa0e3bde0df7ed /vagrant/go/src/govwa/setting/setting.go None None None None None None None None None None 326 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90116,7 +90116,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None f8234be5bed59174a5f1f4efef0acb152b788f55c1804e2abbc185fe69ceea31 /root/basket.jsp None None None None None None None None None None 229 N/A None BodgeIt ",
+      "content": "Blind SQL Injections (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None f8234be5bed59174a5f1f4efef0acb152b788f55c1804e2abbc185fe69ceea31 /root/basket.jsp None None None None None None None None None None 229 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90134,7 +90134,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None f8234be5bed59174a5f1f4efef0acb152b788f55c1804e2abbc185fe69ceea31 /root/basket.jsp None None None None None None None None None None 97 N/A None BodgeIt ",
+      "content": "Blind SQL Injections (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=416)\n\n**Line Number:** 148\n**Column:** 391\n**Source Object:** \"\"productid\"\"\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 390\n**Source Object:** getParameter\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 148\n**Column:** 358\n**Source Object:** productId\n**Number:** 148\n**Code:** String productId = request.getParameter(\"productid\");\n-----\n**Line Number:** 172\n**Column:** 410\n**Source Object:** productId\n**Number:** 172\n**Code:** \" WHERE basketid=\" + basketId + \" AND productid = \" + productId);\n-----\n**Line Number:** 171\n**Column:** 382\n**Source Object:** prepareStatement\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 171\n**Column:** 354\n**Source Object:** stmt\n**Number:** 171\n**Code:** stmt = conn.prepareStatement(\"UPDATE BasketContents SET quantity = \" + Integer.parseInt(quantity) +\n-----\n**Line Number:** 173\n**Column:** 354\n**Source Object:** stmt\n**Number:** 173\n**Code:** stmt.execute();\n-----\n**Line Number:** 173\n**Column:** 366\n**Source Object:** execute\n**Number:** 173\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None f8234be5bed59174a5f1f4efef0acb152b788f55c1804e2abbc185fe69ceea31 /root/basket.jsp None None None None None None None None None None 97 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90152,7 +90152,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None 2de5b8ed091eaaf750260b056239152b81363c790977699374b03d93e1d28551 /root/login.jsp None None None None None None None None None None 79 N/A None BodgeIt ",
+      "content": "Blind SQL Injections (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None 2de5b8ed091eaaf750260b056239152b81363c790977699374b03d93e1d28551 /root/login.jsp None None None None None None None None None None 79 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90170,7 +90170,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None 2de5b8ed091eaaf750260b056239152b81363c790977699374b03d93e1d28551 /root/login.jsp None None None None None None None None None None 211 N/A None BodgeIt ",
+      "content": "Blind SQL Injections (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=417)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=418)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=419)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=420)\n\n**Line Number:** 8\n**Column:** 398\n**Source Object:** \"\"password\"\"\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 397\n**Source Object:** getParameter\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 8\n**Column:** 357\n**Source Object:** password\n**Number:** 8\n**Code:** String password = (String) request.getParameter(\"password\");\n-----\n**Line Number:** 15\n**Column:** 449\n**Source Object:** password\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None 2de5b8ed091eaaf750260b056239152b81363c790977699374b03d93e1d28551 /root/login.jsp None None None None None None None None None None 211 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90188,7 +90188,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (password.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None 8d7b5f3962f521cd5c2dc40e4ef9a7cc10cfc30efb90f4b5841e8e5463656c61 /root/password.jsp None None None None None None None None None None 157 N/A None BodgeIt ",
+      "content": "Blind SQL Injections (password.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None 8d7b5f3962f521cd5c2dc40e4ef9a7cc10cfc30efb90f4b5841e8e5463656c61 /root/password.jsp None None None None None None None None None None 157 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90206,7 +90206,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (password.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null \u0026\u0026 password1.length() \u003e 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None 8d7b5f3962f521cd5c2dc40e4ef9a7cc10cfc30efb90f4b5841e8e5463656c61 /root/password.jsp None None None None None None None None None None 25 N/A None BodgeIt ",
+      "content": "Blind SQL Injections (password.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=421)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=422)\n\n**Line Number:** 10\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 10\n**Column:** 357\n**Source Object:** password1\n**Number:** 10\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 15\n**Column:** 375\n**Source Object:** password1\n**Number:** 15\n**Code:** if (password1 != null && password1.length() > 0) {\n-----\n**Line Number:** 16\n**Column:** 358\n**Source Object:** password1\n**Number:** 16\n**Code:** if ( ! password1.equals(password2)) {\n-----\n**Line Number:** 18\n**Column:** 384\n**Source Object:** password1\n**Number:** 18\n**Code:** }  else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 24\n**Column:** 404\n**Source Object:** password1\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None 8d7b5f3962f521cd5c2dc40e4ef9a7cc10cfc30efb90f4b5841e8e5463656c61 /root/password.jsp None None None None None None None None None None 25 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90224,7 +90224,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None c3fb1583f06a0ce7bee2084607680b357d63dd8f9cc56d5d09f0601a3c62a336 /root/register.jsp None None None None None None None None None None 240 N/A None BodgeIt ",
+      "content": "Blind SQL Injections (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None c3fb1583f06a0ce7bee2084607680b357d63dd8f9cc56d5d09f0601a3c62a336 /root/register.jsp None None None None None None None None None None 240 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90242,7 +90242,7 @@
   },
   {
     "fields": {
-      "content": "Blind SQL Injections (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() \u003c 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None c3fb1583f06a0ce7bee2084607680b357d63dd8f9cc56d5d09f0601a3c62a336 /root/register.jsp None None None None None None None None None None 108 N/A None BodgeIt ",
+      "content": "Blind SQL Injections (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.1 - Injection flaws - particularly SQL injection,OWASP Top 10 2013;A1-Injection\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=423)\n\n**Line Number:** 7\n**Column:** 399\n**Source Object:** \"\"password1\"\"\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 7\n**Column:** 398\n**Source Object:** getParameter\n**Number:** 7\n**Code:** String password1 = (String) request.getParameter(\"password1\");\n-----\n**Line Number:** 22\n**Column:** 383\n**Source Object:** password1\n**Number:** 22\n**Code:** } else if (password1 == null || password1.length() < 5) {\n-----\n**Line Number:** 25\n**Column:** 362\n**Source Object:** password1\n**Number:** 25\n**Code:** } else if (password1.equals(password2)) {\n-----\n**Line Number:** 30\n**Column:** 450\n**Source Object:** password1\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None c3fb1583f06a0ce7bee2084607680b357d63dd8f9cc56d5d09f0601a3c62a336 /root/register.jsp None None None None None None None None None None 108 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90260,7 +90260,7 @@
   },
   {
     "fields": {
-      "content": "Client DOM Open Redirect (advanced.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** New Search\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** New Search\n-----\n N/A N/A None None  S3 None None 3173d904f9ac1a4779a3b5fd52f271e6a7871d6cb5387d2ced15025a4a15db93 /root/advanced.jsp None None None None None None None None None None 80 N/A None BodgeIt ",
+      "content": "Client DOM Open Redirect (advanced.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** New Search\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** New Search\n-----\n N/A N/A None None  S3 None None 3173d904f9ac1a4779a3b5fd52f271e6a7871d6cb5387d2ced15025a4a15db93 /root/advanced.jsp None None None None None None None None None None 80 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90278,7 +90278,7 @@
   },
   {
     "fields": {
-      "content": "Client DOM Open Redirect (advanced.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** New Search\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** New Search\n-----\n N/A N/A None None  S3 None None 3173d904f9ac1a4779a3b5fd52f271e6a7871d6cb5387d2ced15025a4a15db93 /root/advanced.jsp None None None None None None None None None None 212 N/A None BodgeIt ",
+      "content": "Client DOM Open Redirect (advanced.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A10-Unvalidated Redirects and Forwards\n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=66](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=66)\n\n**Line Number:** 48\n**Column:** 63\n**Source Object:** href\n**Number:** 48\n**Code:** New Search\n-----\n**Line Number:** 48\n**Column:** 38\n**Source Object:** location\n**Number:** 48\n**Code:** New Search\n-----\n N/A N/A None None  S3 None None 3173d904f9ac1a4779a3b5fd52f271e6a7871d6cb5387d2ced15025a4a15db93 /root/advanced.jsp None None None None None None None None None None 212 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90296,7 +90296,7 @@
   },
   {
     "fields": {
-      "content": "Client Insecure Randomness (encryption.js) None None N/A Low **Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n N/A N/A None None  S3 None None 9b003338465e31c37f36b2a2d9b01bf9003d1d2631e2c409b3d19d02c93a20b6 /root/js/encryption.js None None None None None None None None None None 149 N/A None BodgeIt ",
+      "content": "Client Insecure Randomness (encryption.js) None None N/A Low **Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n N/A N/A None None  S3 None None 9b003338465e31c37f36b2a2d9b01bf9003d1d2631e2c409b3d19d02c93a20b6 /root/js/encryption.js None None None None None None None None None None 149 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90314,7 +90314,7 @@
   },
   {
     "fields": {
-      "content": "Client Insecure Randomness (encryption.js) None None N/A Low **Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n N/A N/A None None  S3 None None 9b003338465e31c37f36b2a2d9b01bf9003d1d2631e2c409b3d19d02c93a20b6 /root/js/encryption.js None None None None None None None None None None 17 N/A None BodgeIt ",
+      "content": "Client Insecure Randomness (encryption.js) None None N/A Low **Category:** \n**Language:** JavaScript\n**Group:** JavaScript Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=68)\n\n**Line Number:** 127\n**Column:** 28\n**Source Object:** random\n**Number:** 127\n**Code:** var h = Math.floor(Math.random() * 65535);\n-----\n N/A N/A None None  S3 None None 9b003338465e31c37f36b2a2d9b01bf9003d1d2631e2c409b3d19d02c93a20b6 /root/js/encryption.js None None None None None None None None None None 17 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90332,7 +90332,7 @@
   },
   {
     "fields": {
-      "content": "Collapse of Data Into Unsafe Value (contact.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "Collapse of Data Into Unsafe Value (contact.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "finding"
@@ -90350,7 +90350,7 @@
   },
   {
     "fields": {
-      "content": "Collapse of Data Into Unsafe Value (contact.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"",
+      "content": "Collapse of Data Into Unsafe Value (contact.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=4](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=4)\n\n**Line Number:** 19\n**Column:** 379\n**Source Object:** replace\n**Number:** 19\n**Code:** comments = comments.replace(\"\", \"\");\n-----\n**Line Number:** 19\n**Column:** 352\n**Source Object:** comments\n**Number:** 19\n**Code:** comments = comments.replace(\"",
       "content_type": [
         "dojo",
         "finding"
@@ -90368,7 +90368,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (advanced.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S3 None None 35055620006745673ffba1cb3c1e8c09a9fd59f6438e6d45fbbb222a10968120 /root/advanced.jsp None None None None None None None None None None 178 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (advanced.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S3 None None 35055620006745673ffba1cb3c1e8c09a9fd59f6438e6d45fbbb222a10968120 /root/advanced.jsp None None None None None None None None None None 178 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90386,7 +90386,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (advanced.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%\u003e\n-----\n N/A N/A None None  S3 None None 35055620006745673ffba1cb3c1e8c09a9fd59f6438e6d45fbbb222a10968120 /root/advanced.jsp None None None None None None None None None None 46 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (advanced.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=88)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=89)\n\n**Line Number:** 1\n**Column:** 890\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"com.thebodgeitstore.search.AdvancedSearch\"%>\n-----\n N/A N/A None None  S3 None None 35055620006745673ffba1cb3c1e8c09a9fd59f6438e6d45fbbb222a10968120 /root/advanced.jsp None None None None None None None None None None 46 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90404,7 +90404,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (contact.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None ce6c5523b17b77be323a526e757f04235f6d8a3023ac5208b12b7c34de4fcbb6 /root/contact.jsp None None None None None None None None None None 267 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (contact.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None ce6c5523b17b77be323a526e757f04235f6d8a3023ac5208b12b7c34de4fcbb6 /root/contact.jsp None None None None None None None None None None 267 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90422,7 +90422,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (contact.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None ce6c5523b17b77be323a526e757f04235f6d8a3023ac5208b12b7c34de4fcbb6 /root/contact.jsp None None None None None None None None None None 135 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (contact.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=92)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=93)\n\n**Line Number:** 1\n**Column:** 734\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None ce6c5523b17b77be323a526e757f04235f6d8a3023ac5208b12b7c34de4fcbb6 /root/contact.jsp None None None None None None None None None None 135 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90440,7 +90440,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (dbconnection.jspf) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None 24cd9b35200f9ca729fcccb8348baccd2ddfeee2f22177fd40e46931f8547659 /root/dbconnection.jspf None None None None None None None None None None 190 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (dbconnection.jspf) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None 24cd9b35200f9ca729fcccb8348baccd2ddfeee2f22177fd40e46931f8547659 /root/dbconnection.jspf None None None None None None None None None None 190 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90458,7 +90458,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (dbconnection.jspf) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None 24cd9b35200f9ca729fcccb8348baccd2ddfeee2f22177fd40e46931f8547659 /root/dbconnection.jspf None None None None None None None None None None 58 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (dbconnection.jspf) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=94)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=95)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None 24cd9b35200f9ca729fcccb8348baccd2ddfeee2f22177fd40e46931f8547659 /root/dbconnection.jspf None None None None None None None None None None 58 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90476,7 +90476,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n N/A N/A None None  S3 None None 66ad49b768c1dcb417d1047d6a3e134473f45969fdc41c529a37088dec29804e /root/header.jsp None None None None None None None None None None 71 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n N/A N/A None None  S3 None None 66ad49b768c1dcb417d1047d6a3e134473f45969fdc41c529a37088dec29804e /root/header.jsp None None None None None None None None None None 71 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90494,7 +90494,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n N/A N/A None None  S3 None None 66ad49b768c1dcb417d1047d6a3e134473f45969fdc41c529a37088dec29804e /root/header.jsp None None None None None None None None None None 203 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=86)\n\n**Line Number:** 89\n**Column:** 1\n**Source Object:** \"\"\"\"\n**Number:** 89\n**Code:** c = DriverManager.getConnection(\"jdbc:hsqldb:mem:SQL\", \"sa\", \"\");\n-----\n N/A N/A None None  S3 None None 66ad49b768c1dcb417d1047d6a3e134473f45969fdc41c529a37088dec29804e /root/header.jsp None None None None None None None None None None 203 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90512,7 +90512,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None 7dba1c0820d0f6017ca3333f7f9a8865a862604c4b13a1eed04666c6e364fa36 /root/home.jsp None None None None None None None None None None 64 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None 7dba1c0820d0f6017ca3333f7f9a8865a862604c4b13a1eed04666c6e364fa36 /root/home.jsp None None None None None None None None None None 64 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90530,7 +90530,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None 7dba1c0820d0f6017ca3333f7f9a8865a862604c4b13a1eed04666c6e364fa36 /root/home.jsp None None None None None None None None None None 196 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=96)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=97)\n\n**Line Number:** 1\n**Column:** 752\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None 7dba1c0820d0f6017ca3333f7f9a8865a862604c4b13a1eed04666c6e364fa36 /root/home.jsp None None None None None None None None None None 196 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90548,7 +90548,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (init.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None afd07fc450ae8609c93797c8fd893028f7d8a9841999facd0a08236696c05841 /root/init.jsp None None None None None None None None None None 53 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (init.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None afd07fc450ae8609c93797c8fd893028f7d8a9841999facd0a08236696c05841 /root/init.jsp None None None None None None None None None None 53 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90566,7 +90566,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (init.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None afd07fc450ae8609c93797c8fd893028f7d8a9841999facd0a08236696c05841 /root/init.jsp None None None None None None None None None None 185 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (init.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=98)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=99)\n\n**Line Number:** 1\n**Column:** 2649\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None afd07fc450ae8609c93797c8fd893028f7d8a9841999facd0a08236696c05841 /root/init.jsp None None None None None None None None None None 185 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90584,7 +90584,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100)\n\n N/A N/A None None  S3 None None eba9a993ff2b55ebdda24cb3c0fbc777bd7bcf038a01463f56b2f472f5a95296 /root/login.jsp None None None None None None None None None None 123 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100)\n\n N/A N/A None None  S3 None None eba9a993ff2b55ebdda24cb3c0fbc777bd7bcf038a01463f56b2f472f5a95296 /root/login.jsp None None None None None None None None None None 123 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90602,7 +90602,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=100)\n\n N/A N/A None None  S3 None None eba9a993ff2b55ebdda24cb3c0fbc777bd7bcf038a01463f56b2f472f5a95296 /root/login.jsp None None None None None None None None None None 255 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=100)\n\n N/A N/A None None  S3 None None eba9a993ff2b55ebdda24cb3c0fbc777bd7bcf038a01463f56b2f472f5a95296 /root/login.jsp None None None None None None None None None None 255 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90620,7 +90620,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None ae4e2ef51220be9b4ca71ee34ae9d174d093e6dd2da41951bc4ad2139a4dad3f /root/product.jsp None None None None None None None None None None 31 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None ae4e2ef51220be9b4ca71ee34ae9d174d093e6dd2da41951bc4ad2139a4dad3f /root/product.jsp None None None None None None None None None None 31 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90638,7 +90638,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None ae4e2ef51220be9b4ca71ee34ae9d174d093e6dd2da41951bc4ad2139a4dad3f /root/product.jsp None None None None None None None None None None 163 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=104)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=105)\n\n**Line Number:** 1\n**Column:** 755\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None ae4e2ef51220be9b4ca71ee34ae9d174d093e6dd2da41951bc4ad2139a4dad3f /root/product.jsp None None None None None None None None None None 163 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90656,7 +90656,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107)\n\n N/A N/A None None  S3 None None 8fc3621137e4dd32d75801ac6948909b20f671d21ed9dfe89d0e2f49a2554653 /root/register.jsp None None None None None None None None None None 42 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107)\n\n N/A N/A None None  S3 None None 8fc3621137e4dd32d75801ac6948909b20f671d21ed9dfe89d0e2f49a2554653 /root/register.jsp None None None None None None None None None None 42 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90674,7 +90674,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=107)\n\n N/A N/A None None  S3 None None 8fc3621137e4dd32d75801ac6948909b20f671d21ed9dfe89d0e2f49a2554653 /root/register.jsp None None None None None None None None None None 174 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=106)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=107)\n\n N/A N/A None None  S3 None None 8fc3621137e4dd32d75801ac6948909b20f671d21ed9dfe89d0e2f49a2554653 /root/register.jsp None None None None None None None None None None 174 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90692,7 +90692,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109)\n\n N/A N/A None None  S3 None None 6bea74fa6a2e15eb4e272fd8033b63984cb1cfefd52189c7031b58d7bd325f44 /root/score.jsp None None None None None None None None None None 120 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109)\n\n N/A N/A None None  S3 None None 6bea74fa6a2e15eb4e272fd8033b63984cb1cfefd52189c7031b58d7bd325f44 /root/score.jsp None None None None None None None None None None 120 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90710,7 +90710,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=109)\n\n N/A N/A None None  S3 None None 6bea74fa6a2e15eb4e272fd8033b63984cb1cfefd52189c7031b58d7bd325f44 /root/score.jsp None None None None None None None None None None 252 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=108)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=109)\n\n N/A N/A None None  S3 None None 6bea74fa6a2e15eb4e272fd8033b63984cb1cfefd52189c7031b58d7bd325f44 /root/score.jsp None None None None None None None None None None 252 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90728,7 +90728,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S3 None None 63f306f6577c64ad2d38ddd3985cc649b11dd360f7a962e98cb63686c89b2b95 /root/search.jsp None None None None None None None None None None 244 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S3 None None 63f306f6577c64ad2d38ddd3985cc649b11dd360f7a962e98cb63686c89b2b95 /root/search.jsp None None None None None None None None None None 244 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90746,7 +90746,7 @@
   },
   {
     "fields": {
-      "content": "Empty Password in Connection String (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n N/A N/A None None  S3 None None 63f306f6577c64ad2d38ddd3985cc649b11dd360f7a962e98cb63686c89b2b95 /root/search.jsp None None None None None None None None None None 112 N/A None BodgeIt ",
+      "content": "Empty Password in Connection String (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=110)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.10 - Broken authentication and session management,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=111)\n\n**Line Number:** 1\n**Column:** 785\n**Source Object:** \"\"\"\"\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n N/A N/A None None  S3 None None 63f306f6577c64ad2d38ddd3985cc649b11dd360f7a962e98cb63686c89b2b95 /root/search.jsp None None None None None None None None None None 112 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90764,7 +90764,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (FunctionalZAP.java) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n N/A N/A None None  S3 None None 174ea52e3d43e0e3089705762ecd259a74bdb4c592473a8c4615c8d37e840725 /src/com/thebodgeitstore/selenium/tests/FunctionalZAP.java None None None None None None None None None None 204 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (FunctionalZAP.java) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n N/A N/A None None  S3 None None 174ea52e3d43e0e3089705762ecd259a74bdb4c592473a8c4615c8d37e840725 /src/com/thebodgeitstore/selenium/tests/FunctionalZAP.java None None None None None None None None None None 204 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90782,7 +90782,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (FunctionalZAP.java) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n N/A N/A None None  S3 None None 174ea52e3d43e0e3089705762ecd259a74bdb4c592473a8c4615c8d37e840725 /src/com/thebodgeitstore/selenium/tests/FunctionalZAP.java None None None None None None None None None None 72 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (FunctionalZAP.java) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=282)\n\n**Line Number:** 31\n**Column:** 37\n**Source Object:** getProperty\n**Number:** 31\n**Code:** String target = System.getProperty(\"zap.targetApp\");\n-----\n N/A N/A None None  S3 None None 174ea52e3d43e0e3089705762ecd259a74bdb4c592473a8c4615c8d37e840725 /src/com/thebodgeitstore/selenium/tests/FunctionalZAP.java None None None None None None None None None None 72 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90800,7 +90800,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (admin.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=121](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=121)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=122](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=122)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=123](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=123)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=124](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=124)\n\n**Line Number:** 12\n**Column:** 383\n**Source Object:** execute\n**Number:** 12\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_ADMIN'\");\n-----\n N/A N/A None None  S3 None None 5852c73c2309bcf533c51c4b6c8221b0519229d4010090067bd6ea629971c099 /root/admin.jsp None None None None None None None None None None 273 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (admin.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=121](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=121)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=122](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=122)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=123](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=123)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=124](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=124)\n\n**Line Number:** 12\n**Column:** 383\n**Source Object:** execute\n**Number:** 12\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_ADMIN'\");\n-----\n N/A N/A None None  S3 None None 5852c73c2309bcf533c51c4b6c8221b0519229d4010090067bd6ea629971c099 /root/admin.jsp None None None None None None None None None None 273 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90818,7 +90818,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n N/A N/A None None  S3 None None 76a4b74903cac92c02f0d0c7eca32f417f6ce4a3fb04f16eff17cfc0e8f8df7f /root/basket.jsp None None None None None None None None None None 201 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n N/A N/A None None  S3 None None 76a4b74903cac92c02f0d0c7eca32f417f6ce4a3fb04f16eff17cfc0e8f8df7f /root/basket.jsp None None None None None None None None None None 201 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90836,7 +90836,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n N/A N/A None None  S3 None None 76a4b74903cac92c02f0d0c7eca32f417f6ce4a3fb04f16eff17cfc0e8f8df7f /root/basket.jsp None None None None None None None None None None 69 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=125)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=126)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=127)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=128)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=129)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=130)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=131)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=132)\n\n**Line Number:** 55\n**Column:** 385\n**Source Object:** executeQuery\n**Number:** 55\n**Code:** ResultSet rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE basketid = \" + basketId);\n-----\n N/A N/A None None  S3 None None 76a4b74903cac92c02f0d0c7eca32f417f6ce4a3fb04f16eff17cfc0e8f8df7f /root/basket.jsp None None None None None None None None None None 69 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90854,7 +90854,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 920ba1bf2ab979534eda06dd720ba0baa9cff2b1c14fd1ad56e89a5d656ed2f9 /root/header.jsp None None None None None None None None None None 119 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 920ba1bf2ab979534eda06dd720ba0baa9cff2b1c14fd1ad56e89a5d656ed2f9 /root/header.jsp None None None None None None None None None None 119 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90872,7 +90872,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 920ba1bf2ab979534eda06dd720ba0baa9cff2b1c14fd1ad56e89a5d656ed2f9 /root/header.jsp None None None None None None None None None None 251 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=120)\n\n**Line Number:** 91\n**Column:** 14\n**Source Object:** executeQuery\n**Number:** 91\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 920ba1bf2ab979534eda06dd720ba0baa9cff2b1c14fd1ad56e89a5d656ed2f9 /root/header.jsp None None None None None None None None None None 251 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90890,7 +90890,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 40f3e776293c5c19ac7b521181adfef56ed09288fa417f519d1cc6071cba8a17 /root/home.jsp None None None None None None None None None None 237 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 40f3e776293c5c19ac7b521181adfef56ed09288fa417f519d1cc6071cba8a17 /root/home.jsp None None None None None None None None None None 237 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90908,7 +90908,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 40f3e776293c5c19ac7b521181adfef56ed09288fa417f519d1cc6071cba8a17 /root/home.jsp None None None None None None None None None None 105 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=161)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=162)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=163)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=164)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=165)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=166)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=167)\n\n**Line Number:** 14\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 40f3e776293c5c19ac7b521181adfef56ed09288fa417f519d1cc6071cba8a17 /root/home.jsp None None None None None None None None None None 105 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90926,7 +90926,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (init.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None 1544a01109756bdb265135b3dbc4efca3a22c8d19fa9b50407c94760f04d5610 /root/init.jsp None None None None None None None None None None 95 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (init.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None 1544a01109756bdb265135b3dbc4efca3a22c8d19fa9b50407c94760f04d5610 /root/init.jsp None None None None None None None None None None 95 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90944,7 +90944,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (init.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None 1544a01109756bdb265135b3dbc4efca3a22c8d19fa9b50407c94760f04d5610 /root/init.jsp None None None None None None None None None None 227 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (init.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=168)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=169)\n\n**Line Number:** 1\n**Column:** 3261\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None 1544a01109756bdb265135b3dbc4efca3a22c8d19fa9b50407c94760f04d5610 /root/init.jsp None None None None None None None None None None 227 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90962,7 +90962,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None 70d68584520c7bc1b47ca45fc75b42460659a52957a10fe2a99858c32b329ae1 /root/login.jsp None None None None None None None None None None 250 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None 70d68584520c7bc1b47ca45fc75b42460659a52957a10fe2a99858c32b329ae1 /root/login.jsp None None None None None None None None None None 250 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90980,7 +90980,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None 70d68584520c7bc1b47ca45fc75b42460659a52957a10fe2a99858c32b329ae1 /root/login.jsp None None None None None None None None None None 118 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=170)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=171)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=172)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=173)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=174)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=175)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=176)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=177)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=178)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=179)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=180)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=181)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=182)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=183)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=184)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=185)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=186)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=187)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=188)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=189)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=190)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=191)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=192)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=193)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=194)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=195)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=196)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=197)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=198)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=199)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=200)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=201)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=202)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=203)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=204)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=205)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=206)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=207)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=208)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=209)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=210)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=211)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=212)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=213)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=214)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=215)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=216)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=217)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=218)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=219)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=220)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=221)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=222)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=223)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=224)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=225)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=226)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=227)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=228)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=229)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=230)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=231)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=232)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=233)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=234)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=235)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=236)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=237)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=238)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n N/A N/A None None  S3 None None 70d68584520c7bc1b47ca45fc75b42460659a52957a10fe2a99858c32b329ae1 /root/login.jsp None None None None None None None None None None 118 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -90998,7 +90998,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (password.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None c69d0a9ead39b5990a429c6ed185050ffadfda672b020ac6e7322ef02e72563a /root/password.jsp None None None None None None None None None None 32 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (password.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None c69d0a9ead39b5990a429c6ed185050ffadfda672b020ac6e7322ef02e72563a /root/password.jsp None None None None None None None None None None 32 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91016,7 +91016,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (password.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None c69d0a9ead39b5990a429c6ed185050ffadfda672b020ac6e7322ef02e72563a /root/password.jsp None None None None None None None None None None 164 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (password.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=239)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=240)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=241)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=242)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=243)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=244)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=245)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=246)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=247)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=248)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=249)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=250)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=251)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=252)\n\n**Line Number:** 24\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 24\n**Code:** stmt.executeQuery(\"UPDATE Users set password= '\" + password1 + \"' where name = '\" + username + \"'\");\n-----\n N/A N/A None None  S3 None None c69d0a9ead39b5990a429c6ed185050ffadfda672b020ac6e7322ef02e72563a /root/password.jsp None None None None None None None None None None 164 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91034,7 +91034,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None b037e71624f50f74cfbd0f0cd561daa1e87b1ac3690b19b1d3fe3c36ef452628 /root/product.jsp None None None None None None None None None None 198 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None b037e71624f50f74cfbd0f0cd561daa1e87b1ac3690b19b1d3fe3c36ef452628 /root/product.jsp None None None None None None None None None None 198 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91052,7 +91052,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None b037e71624f50f74cfbd0f0cd561daa1e87b1ac3690b19b1d3fe3c36ef452628 /root/product.jsp None None None None None None None None None None 66 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=253)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=254)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=255)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=256)\n\n**Line Number:** 42\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 42\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None b037e71624f50f74cfbd0f0cd561daa1e87b1ac3690b19b1d3fe3c36ef452628 /root/product.jsp None None None None None None None None None None 66 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91070,7 +91070,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None d0e517ef410747c79f882b9fc73a04a92ef6b4792017378ae5c4a39e21a921c5 /root/register.jsp None None None None None None None None None None 271 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None d0e517ef410747c79f882b9fc73a04a92ef6b4792017378ae5c4a39e21a921c5 /root/register.jsp None None None None None None None None None None 271 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91088,7 +91088,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None d0e517ef410747c79f882b9fc73a04a92ef6b4792017378ae5c4a39e21a921c5 /root/register.jsp None None None None None None None None None None 139 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=257)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=258)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=259)\n\n**Line Number:** 29\n**Column:** 370\n**Source Object:** executeQuery\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n N/A N/A None None  S3 None None d0e517ef410747c79f882b9fc73a04a92ef6b4792017378ae5c4a39e21a921c5 /root/register.jsp None None None None None None None None None None 139 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91106,7 +91106,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 5b24a32f74c75879a1adc65bf89b03bb64f81565dbd6a2240149f2ce1bd27d40 /root/score.jsp None None None None None None None None None None 246 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 5b24a32f74c75879a1adc65bf89b03bb64f81565dbd6a2240149f2ce1bd27d40 /root/score.jsp None None None None None None None None None None 246 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91124,7 +91124,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 5b24a32f74c75879a1adc65bf89b03bb64f81565dbd6a2240149f2ce1bd27d40 /root/score.jsp None None None None None None None None None None 114 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=260)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=261)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=262)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=263)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=264)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=265)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=266)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=267)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=268)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=269)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=270)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=271)\n\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 5b24a32f74c75879a1adc65bf89b03bb64f81565dbd6a2240149f2ce1bd27d40 /root/score.jsp None None None None None None None None None None 114 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91142,7 +91142,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n N/A N/A None None  S3 None None b493926fdab24fe92c9c28363e72429e66631bd5056f574ddefb983212933d10 /root/search.jsp None None None None None None None None None None 104 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n N/A N/A None None  S3 None None b493926fdab24fe92c9c28363e72429e66631bd5056f574ddefb983212933d10 /root/search.jsp None None None None None None None None None None 104 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91160,7 +91160,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Access Authorization (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n N/A N/A None None  S3 None None b493926fdab24fe92c9c28363e72429e66631bd5056f574ddefb983212933d10 /root/search.jsp None None None None None None None None None None 236 N/A None BodgeIt ",
+      "content": "Improper Resource Access Authorization (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=272)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=273)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.8 - Improper access control,OWASP Top 10 2013;A2-Broken Authentication and Session Management\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=274)\n\n**Line Number:** 14\n**Column:** 396\n**Source Object:** execute\n**Number:** 14\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'SIMPLE_XSS'\");\n-----\n N/A N/A None None  S3 None None b493926fdab24fe92c9c28363e72429e66631bd5056f574ddefb983212933d10 /root/search.jsp None None None None None None None None None None 236 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91178,7 +91178,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (AdvancedSearch.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 514c8fbd9da03f03f770c9e0ca12d8bb20db50f3a836b4d50f16e0d75b0cca08 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 36 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (AdvancedSearch.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 514c8fbd9da03f03f770c9e0ca12d8bb20db50f3a836b4d50f16e0d75b0cca08 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 36 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91196,7 +91196,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (AdvancedSearch.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 514c8fbd9da03f03f770c9e0ca12d8bb20db50f3a836b4d50f16e0d75b0cca08 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 168 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (AdvancedSearch.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=448)\n\n**Line Number:** 40\n**Column:** 13\n**Source Object:** connection\n**Number:** 40\n**Code:** this.connection = conn;\n-----\n**Line Number:** 43\n**Column:** 31\n**Source Object:** getParameters\n**Number:** 43\n**Code:** this.getParameters();\n-----\n**Line Number:** 44\n**Column:** 28\n**Source Object:** setResults\n**Number:** 44\n**Code:** this.setResults();\n-----\n**Line Number:** 188\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 188\n**Code:** this.output = (this.isAjax()) ? this.jsonPrequal : this.htmlPrequal;\n-----\n**Line Number:** 198\n**Column:** 61\n**Source Object:** isAjax\n**Number:** 198\n**Code:** this.output = this.output.concat(this.isAjax() ? result.getJSON().concat(\", \") : result.getTrHTML());\n-----\n**Line Number:** 201\n**Column:** 39\n**Source Object:** isAjax\n**Number:** 201\n**Code:** this.output = (this.isAjax()) ? this.output.substring(0, this.output.length() - 2).concat(this.jsonPostqual)\n-----\n**Line Number:** 45\n**Column:** 27\n**Source Object:** setScores\n**Number:** 45\n**Code:** this.setScores();\n-----\n**Line Number:** 129\n**Column:** 28\n**Source Object:** isDebug\n**Number:** 129\n**Code:** if(this.isDebug()){\n-----\n**Line Number:** 130\n**Column:** 21\n**Source Object:** connection\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 48\n**Source Object:** createStatement\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 130\n**Column:** 58\n**Source Object:** execute\n**Number:** 130\n**Code:** this.connection.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 514c8fbd9da03f03f770c9e0ca12d8bb20db50f3a836b4d50f16e0d75b0cca08 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 168 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91214,7 +91214,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (admin.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 8332e5bd42770868b5db865ca9017c31fcea5a91cff250c4341dc73ed5fdb6e6 /root/admin.jsp None None None None None None None None None None 106 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (admin.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 8332e5bd42770868b5db865ca9017c31fcea5a91cff250c4341dc73ed5fdb6e6 /root/admin.jsp None None None None None None None None None None 106 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91232,7 +91232,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (admin.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 8332e5bd42770868b5db865ca9017c31fcea5a91cff250c4341dc73ed5fdb6e6 /root/admin.jsp None None None None None None None None None None 238 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (admin.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=450)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=451)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=452)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=453)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=454)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=455)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=456)\n\n**Line Number:** 1\n**Column:** 669\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1589\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 15\n**Column:** 359\n**Source Object:** conn\n**Number:** 15\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Users\");\n-----\n**Line Number:** 27\n**Column:** 359\n**Source Object:** conn\n**Number:** 27\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Baskets\");\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** conn\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 39\n**Column:** 352\n**Source Object:** stmt\n**Number:** 39\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents\");\n-----\n**Line Number:** 40\n**Column:** 357\n**Source Object:** stmt\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 40\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 40\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 8332e5bd42770868b5db865ca9017c31fcea5a91cff250c4341dc73ed5fdb6e6 /root/admin.jsp None None None None None None None None None None 238 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91250,7 +91250,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 245 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 245 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91268,7 +91268,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 132 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 132 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91286,7 +91286,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 210 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 210 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91304,7 +91304,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 113 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=461)\n\n**Line Number:** 1\n**Column:** 670\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1590\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 12\n**Column:** 368\n**Source Object:** conn\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 388\n**Source Object:** createStatement\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 12\n**Column:** 361\n**Source Object:** stmt\n**Number:** 12\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 15\n**Column:** 357\n**Source Object:** stmt\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 383\n**Source Object:** getInt\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 21\n**Column:** 360\n**Source Object:** userid\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 23\n**Column:** 384\n**Source Object:** userid\n**Number:** 23\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n**Line Number:** 37\n**Column:** 396\n**Source Object:** getAttribute\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 37\n**Column:** 358\n**Source Object:** userid\n**Number:** 37\n**Code:** String userid = (String) session.getAttribute(\"userid\");\n-----\n**Line Number:** 110\n**Column:** 420\n**Source Object:** userid\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 376\n**Source Object:** executeQuery\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 110\n**Column:** 354\n**Source Object:** rs\n**Number:** 110\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Baskets WHERE (userid = \" + userid + \")\");\n-----\n**Line Number:** 111\n**Column:** 354\n**Source Object:** rs\n**Number:** 111\n**Code:** rs.next();\n-----\n**Line Number:** 112\n**Column:** 370\n**Source Object:** rs\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 379\n**Source Object:** getInt\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 112\n**Column:** 354\n**Source Object:** basketId\n**Number:** 112\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 113 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91322,7 +91322,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"java.net.URL\"%\u003e\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 78 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=457)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=458)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=459)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=460)\n\n**Line Number:** 1\n**Column:** 728\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 1\n**Column:** 1648\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"java.net.URL\"%>\n-----\n**Line Number:** 53\n**Column:** 369\n**Source Object:** conn\n**Number:** 53\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 240\n**Column:** 359\n**Source Object:** conn\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 274\n**Column:** 353\n**Source Object:** stmt\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 274\n**Column:** 365\n**Source Object:** execute\n**Number:** 274\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 78 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91340,7 +91340,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 264 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=462)\n\n**Line Number:** 1\n**Column:** 673\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1593\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 26\n**Column:** 369\n**Source Object:** conn\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 26\n**Column:** 362\n**Source Object:** stmt\n**Number:** 26\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 29\n**Column:** 353\n**Source Object:** stmt\n**Number:** 29\n**Code:** stmt.executeQuery(\"INSERT INTO Users (name, type, password) VALUES ('\" + username + \"', 'USER', '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 358\n**Source Object:** stmt\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 30\n**Column:** 353\n**Source Object:** rs\n**Number:** 30\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password1 + \"')\");\n-----\n**Line Number:** 31\n**Column:** 353\n**Source Object:** rs\n**Number:** 31\n**Code:** rs.next();\n-----\n**Line Number:** 32\n**Column:** 368\n**Source Object:** rs\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 377\n**Source Object:** getInt\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 32\n**Column:** 353\n**Source Object:** userid\n**Number:** 32\n**Code:** userid =  \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 36\n**Column:** 384\n**Source Object:** userid\n**Number:** 36\n**Code:** session.setAttribute(\"userid\", userid);\n-----\n N/A N/A None None  S3 None None db7a77c20f51041b98ba80af21a73ef2db784e82fd0af050fefb552826be04b1 /root/basket.jsp None None None None None None None None None None 264 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91358,7 +91358,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (contact.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=463](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=463)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=464](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=464)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=465](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=465)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=466](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=466)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=467](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=467)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=468](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=468)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=469](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=469)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=470](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=470)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=471](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=471)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=472](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=472)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=473](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=473)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=474](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=474)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=475](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=475)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=476](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=476)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=477](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=477)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=478](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=478)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=479](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=479)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=480](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=480)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=481](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=481)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=482](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=482)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=483](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=483)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=484](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=484)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=485](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=485)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=486](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=486)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=487](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=487)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=488](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=488)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=489](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=489)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=490](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=490)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=491](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=491)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=492](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=492)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=493](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=493)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=494](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=494)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=495](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=495)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=496](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=496)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=497](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=497)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=498](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=498)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=499](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=499)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=500](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=500)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=501](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=501)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=502](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=502)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=503](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=503)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=504](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=504)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=505](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=505)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=506](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=506)\n\n**Line Number:** 24\n**Column:** 377\n**Source Object:** conn\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 398\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 370\n**Source Object:** stmt\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 27\n**Column:** 353\n**Source Object:** stmt\n**Number:** 27\n**Code:** stmt.setString(1, username);\n-----\n**Line Number:** 28\n**Column:** 353\n**Source Object:** stmt\n**Number:** 28\n**Code:** stmt.setString(2, comments);\n-----\n**Line Number:** 29\n**Column:** 365\n**Source Object:** execute\n**Number:** 29\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None 82b6e67fea88a46706b742dee6eb877a58f0ef800b00de81d044714ae2d83f6b /root/contact.jsp None None None None None None None None None None 275 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (contact.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=463](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=463)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=464](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=464)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=465](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=465)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=466](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=466)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=467](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=467)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=468](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=468)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=469](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=469)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=470](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=470)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=471](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=471)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=472](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=472)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=473](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=473)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=474](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=474)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=475](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=475)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=476](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=476)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=477](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=477)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=478](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=478)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=479](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=479)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=480](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=480)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=481](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=481)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=482](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=482)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=483](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=483)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=484](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=484)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=485](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=485)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=486](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=486)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=487](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=487)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=488](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=488)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=489](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=489)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=490](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=490)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=491](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=491)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=492](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=492)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=493](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=493)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=494](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=494)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=495](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=495)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=496](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=496)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=497](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=497)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=498](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=498)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=499](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=499)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=500](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=500)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=501](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=501)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=502](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=502)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=503](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=503)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=504](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=504)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=505](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=505)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=506](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=506)\n\n**Line Number:** 24\n**Column:** 377\n**Source Object:** conn\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 398\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 24\n**Column:** 370\n**Source Object:** stmt\n**Number:** 24\n**Code:** PreparedStatement stmt = conn.prepareStatement(\"INSERT INTO Comments (name, comment) VALUES (?, ?)\");\n-----\n**Line Number:** 27\n**Column:** 353\n**Source Object:** stmt\n**Number:** 27\n**Code:** stmt.setString(1, username);\n-----\n**Line Number:** 28\n**Column:** 353\n**Source Object:** stmt\n**Number:** 28\n**Code:** stmt.setString(2, comments);\n-----\n**Line Number:** 29\n**Column:** 365\n**Source Object:** execute\n**Number:** 29\n**Code:** stmt.execute();\n-----\n N/A N/A None None  S3 None None 82b6e67fea88a46706b742dee6eb877a58f0ef800b00de81d044714ae2d83f6b /root/contact.jsp None None None None None None None None None None 275 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91376,7 +91376,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (home.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None fffd29bd0973269ddbbed2e210926c04d42cb12037117261626b95bd52bcff27 /root/home.jsp None None None None None None None None None None 144 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (home.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None fffd29bd0973269ddbbed2e210926c04d42cb12037117261626b95bd52bcff27 /root/home.jsp None None None None None None None None None None 144 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91394,7 +91394,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (home.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None fffd29bd0973269ddbbed2e210926c04d42cb12037117261626b95bd52bcff27 /root/home.jsp None None None None None None None None None None 12 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (home.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=507)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=508)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=509)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=510)\n\n**Line Number:** 1\n**Column:** 688\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1608\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 13\n**Column:** 359\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT COUNT (*) FROM Products\");\n-----\n**Line Number:** 24\n**Column:** 360\n**Source Object:** conn\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 24\n**Column:** 353\n**Source Object:** stmt\n**Number:** 24\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Products, ProductTypes WHERE Products.productid = \" + ((int)(Math.random() * count) + 1) + \" AND Products.typeid = ProductTypes.typeid\");\n-----\n**Line Number:** 25\n**Column:** 358\n**Source Object:** stmt\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 25\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 25\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None fffd29bd0973269ddbbed2e210926c04d42cb12037117261626b95bd52bcff27 /root/home.jsp None None None None None None None None None None 12 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91412,7 +91412,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (init.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None 2a7f9ff0b80ef53370128384650fe897d773383109c7d171159cbfbc232476e2 /root/init.jsp None None None None None None None None None None 76 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (init.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None 2a7f9ff0b80ef53370128384650fe897d773383109c7d171159cbfbc232476e2 /root/init.jsp None None None None None None None None None None 76 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91430,7 +91430,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (init.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n N/A N/A None None  S3 None None 2a7f9ff0b80ef53370128384650fe897d773383109c7d171159cbfbc232476e2 /root/init.jsp None None None None None None None None None None 208 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (init.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=511)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=512)\n\n**Line Number:** 1\n**Column:** 2588\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2872\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 2975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3278\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3375\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3473\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3575\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3673\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3769\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3866\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 3972\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4357\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4511\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4668\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4823\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 4975\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5127\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5279\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5431\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5583\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5733\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 5883\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6033\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6183\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6333\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6483\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6633\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6783\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 6940\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7096\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7257\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7580\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7730\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 7880\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8029\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8179\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8340\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8495\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8656\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8813\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 8966\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9121\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9272\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9653\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9814\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 9976\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10140\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10419\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10506\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10846\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 10986\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11126\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11266\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11407\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11761\n**Source Object:** c\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11779\n**Source Object:** prepareStatement\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 11899\n**Source Object:** execute\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n N/A N/A None None  S3 None None 2a7f9ff0b80ef53370128384650fe897d773383109c7d171159cbfbc232476e2 /root/init.jsp None None None None None None None None None None 208 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91448,7 +91448,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (password.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n N/A N/A None None  S3 None None 97e071423b295531965759c3641effa4a92e8e67f5ae40a3248a0a296aada52d /root/password.jsp None None None None None None None None None None 253 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (password.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n N/A N/A None None  S3 None None 97e071423b295531965759c3641effa4a92e8e67f5ae40a3248a0a296aada52d /root/password.jsp None None None None None None None None None None 253 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91466,7 +91466,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (password.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n N/A N/A None None  S3 None None 97e071423b295531965759c3641effa4a92e8e67f5ae40a3248a0a296aada52d /root/password.jsp None None None None None None None None None None 121 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (password.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=513)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=514)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=515)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=516)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=517)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=518)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=519)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=520)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=521)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=522)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=523)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=524)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=525)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=526)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=527)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=528)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=529)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=530)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=531)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=532)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=533)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=534)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=535)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=536)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=537)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=538)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=539)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=540)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=541)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=542)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=543)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=544)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=545)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=546)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=547)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=548)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=549)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=550)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=551)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=552)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=553)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=554)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=555)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=556)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=557)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=558)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=559)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=560)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=561)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=562)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=563)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=564)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=565)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=566)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=567)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=568)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=569)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=570)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=571)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=572)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=573)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=574)\n\n**Line Number:** 21\n**Column:** 369\n**Source Object:** conn\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 389\n**Source Object:** createStatement\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 21\n**Column:** 362\n**Source Object:** stmt\n**Number:** 21\n**Code:** Statement stmt = conn.createStatement();\n-----\n N/A N/A None None  S3 None None 97e071423b295531965759c3641effa4a92e8e67f5ae40a3248a0a296aada52d /root/password.jsp None None None None None None None None None None 121 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91484,7 +91484,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (product.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 810541dc4d59d52088c1c29bfbb5ed70b10bfa657980a3099b26ff8799955f28 /root/product.jsp None None None None None None None None None None 122 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (product.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 810541dc4d59d52088c1c29bfbb5ed70b10bfa657980a3099b26ff8799955f28 /root/product.jsp None None None None None None None None None None 122 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91502,7 +91502,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (product.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@ page import=\"java.sql.*\" %\u003e\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 810541dc4d59d52088c1c29bfbb5ed70b10bfa657980a3099b26ff8799955f28 /root/product.jsp None None None None None None None None None None 254 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (product.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=575)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=576)\n\n**Line Number:** 1\n**Column:** 691\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 1\n**Column:** 1611\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@ page import=\"java.sql.*\" %>\n-----\n**Line Number:** 97\n**Column:** 353\n**Source Object:** conn\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 373\n**Source Object:** createStatement\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n**Line Number:** 97\n**Column:** 383\n**Source Object:** execute\n**Number:** 97\n**Code:** conn.createStatement().execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 810541dc4d59d52088c1c29bfbb5ed70b10bfa657980a3099b26ff8799955f28 /root/product.jsp None None None None None None None None None None 254 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91520,7 +91520,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (score.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 326fbad527801598a49946804f53bff975023eeb4c7c992932611d45d0b46201 /root/score.jsp None None None None None None None None None None 232 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (score.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 326fbad527801598a49946804f53bff975023eeb4c7c992932611d45d0b46201 /root/score.jsp None None None None None None None None None None 232 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91538,7 +91538,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (score.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 326fbad527801598a49946804f53bff975023eeb4c7c992932611d45d0b46201 /root/score.jsp None None None None None None None None None None 100 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (score.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=577)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=578)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=579)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=580)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=581)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=582)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=583)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=584)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=585)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=586)\n\n**Line Number:** 13\n**Column:** 360\n**Source Object:** conn\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 381\n**Source Object:** prepareStatement\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 13\n**Column:** 353\n**Source Object:** stmt\n**Number:** 13\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM Score ORDER by scoreid\");\n-----\n**Line Number:** 14\n**Column:** 358\n**Source Object:** stmt\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 14\n**Column:** 375\n**Source Object:** executeQuery\n**Number:** 14\n**Code:** rs = stmt.executeQuery();\n-----\n N/A N/A None None  S3 None None 326fbad527801598a49946804f53bff975023eeb4c7c992932611d45d0b46201 /root/score.jsp None None None None None None None None None None 100 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91556,7 +91556,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (search.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 763571cd8b09d88baae5cc8bc9d755e2401e204c335894933401186d14be3992 /root/search.jsp None None None None None None None None None None 93 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (search.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 763571cd8b09d88baae5cc8bc9d755e2401e204c335894933401186d14be3992 /root/search.jsp None None None None None None None None None None 93 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91574,7 +91574,7 @@
   },
   {
     "fields": {
-      "content": "Improper Resource Shutdown or Release (search.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** \u003c%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%\u003e\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 763571cd8b09d88baae5cc8bc9d755e2401e204c335894933401186d14be3992 /root/search.jsp None None None None None None None None None None 225 N/A None BodgeIt ",
+      "content": "Improper Resource Shutdown or Release (search.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=587)\n\n**Line Number:** 1\n**Column:** 721\n**Source Object:** conn\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 1\n**Column:** 1641\n**Source Object:** jspInit\n**Number:** 1\n**Code:** <%@page import=\"org.apache.commons.lang3.StringEscapeUtils\"%>\n-----\n**Line Number:** 20\n**Column:** 371\n**Source Object:** conn\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 391\n**Source Object:** createStatement\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 20\n**Column:** 364\n**Source Object:** stmt\n**Number:** 20\n**Code:** Statement stmt = conn.createStatement();\n-----\n**Line Number:** 34\n**Column:** 357\n**Source Object:** stmt\n**Number:** 34\n**Code:** rs = stmt.executeQuery(sql);\n-----\n**Line Number:** 57\n**Column:** 365\n**Source Object:** execute\n**Number:** 57\n**Code:** stmt.execute(\"UPDATE Score SET status = 1 WHERE task = 'HIDDEN_DEBUG'\");\n-----\n N/A N/A None None  S3 None None 763571cd8b09d88baae5cc8bc9d755e2401e204c335894933401186d14be3992 /root/search.jsp None None None None None None None None None None 225 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91592,7 +91592,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (AdvancedSearch.java) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n N/A N/A None None  S3 None None 21c80d580d9f1de55f6179e2a08e5684f46c9734d79cf701b2ff25e6776ccdfc /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 143 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (AdvancedSearch.java) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n N/A N/A None None  S3 None None 21c80d580d9f1de55f6179e2a08e5684f46c9734d79cf701b2ff25e6776ccdfc /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 143 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91610,7 +91610,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (AdvancedSearch.java) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n N/A N/A None None  S3 None None 21c80d580d9f1de55f6179e2a08e5684f46c9734d79cf701b2ff25e6776ccdfc /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 11 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (AdvancedSearch.java) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=731)\n\n**Line Number:** 132\n**Column:** 28\n**Source Object:** e\n**Number:** 132\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 134\n**Column:** 13\n**Source Object:** e\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n**Line Number:** 134\n**Column:** 30\n**Source Object:** printStackTrace\n**Number:** 134\n**Code:** e.printStackTrace(new PrintWriter(sw));\n-----\n N/A N/A None None  S3 None None 21c80d580d9f1de55f6179e2a08e5684f46c9734d79cf701b2ff25e6776ccdfc /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 11 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91628,7 +91628,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (admin.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n N/A N/A None None  S3 None None fc95b0887dc03b9f29f45b95aeb41e7f681dc28388279d7e11c233d3b5235c00 /root/admin.jsp None None None None None None None None None None 29 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (admin.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n N/A N/A None None  S3 None None fc95b0887dc03b9f29f45b95aeb41e7f681dc28388279d7e11c233d3b5235c00 /root/admin.jsp None None None None None None None None None None 29 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91646,7 +91646,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (admin.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n N/A N/A None None  S3 None None fc95b0887dc03b9f29f45b95aeb41e7f681dc28388279d7e11c233d3b5235c00 /root/admin.jsp None None None None None None None None None None 161 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (admin.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=703](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=703)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=704](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=704)\n\n**Line Number:** 52\n**Column:** 373\n**Source Object:** e\n**Number:** 52\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 53\n**Column:** 387\n**Source Object:** e\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n**Line Number:** 53\n**Column:** 363\n**Source Object:** println\n**Number:** 53\n**Code:** out.println(\"System error.\" + e);\n-----\n N/A N/A None None  S3 None None fc95b0887dc03b9f29f45b95aeb41e7f681dc28388279d7e11c233d3b5235c00 /root/admin.jsp None None None None None None None None None None 161 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91664,7 +91664,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None cfa4c706348e59de8b65228daccc21474abf67877a50dec0efa031e947d2e3bd /root/basket.jsp None None None None None None None None None None 235 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None cfa4c706348e59de8b65228daccc21474abf67877a50dec0efa031e947d2e3bd /root/basket.jsp None None None None None None None None None None 235 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91682,7 +91682,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None cfa4c706348e59de8b65228daccc21474abf67877a50dec0efa031e947d2e3bd /root/basket.jsp None None None None None None None None None None 103 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=705](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=705)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=706](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=706)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=707](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=707)\n\n**Line Number:** 62\n**Column:** 371\n**Source Object:** e\n**Number:** 62\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 65\n**Column:** 391\n**Source Object:** e\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 65\n**Column:** 365\n**Source Object:** println\n**Number:** 65\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None cfa4c706348e59de8b65228daccc21474abf67877a50dec0efa031e947d2e3bd /root/basket.jsp None None None None None None None None None None 103 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91700,7 +91700,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (contact.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 1e74e0c4e0572c6bb5aaee26176b8a40ce024325bbffea1ddbb120bab9d9542c /root/contact.jsp None None None None None None None None None None 49 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (contact.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 1e74e0c4e0572c6bb5aaee26176b8a40ce024325bbffea1ddbb120bab9d9542c /root/contact.jsp None None None None None None None None None None 49 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91718,7 +91718,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (contact.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 1e74e0c4e0572c6bb5aaee26176b8a40ce024325bbffea1ddbb120bab9d9542c /root/contact.jsp None None None None None None None None None None 181 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (contact.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=708](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=708)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=709](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=709)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=710](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=710)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=711](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=711)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=712](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=712)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=713](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=713)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=714](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=714)\n\n**Line Number:** 72\n**Column:** 370\n**Source Object:** e\n**Number:** 72\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 75\n**Column:** 390\n**Source Object:** e\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 75\n**Column:** 364\n**Source Object:** println\n**Number:** 75\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 1e74e0c4e0572c6bb5aaee26176b8a40ce024325bbffea1ddbb120bab9d9542c /root/contact.jsp None None None None None None None None None None 181 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91736,7 +91736,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 584b05859f76b43b2736a28ac1c8ac88497704d0f31868218fcda9077396a215 /root/header.jsp None None None None None None None None None None 129 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 584b05859f76b43b2736a28ac1c8ac88497704d0f31868218fcda9077396a215 /root/header.jsp None None None None None None None None None None 129 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91754,7 +91754,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 584b05859f76b43b2736a28ac1c8ac88497704d0f31868218fcda9077396a215 /root/header.jsp None None None None None None None None None None 261 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (header.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=702](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=702)\n\n**Line Number:** 96\n**Column:** 18\n**Source Object:** e\n**Number:** 96\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 99\n**Column:** 28\n**Source Object:** e\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 99\n**Column:** 9\n**Source Object:** println\n**Number:** 99\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 584b05859f76b43b2736a28ac1c8ac88497704d0f31868218fcda9077396a215 /root/header.jsp None None None None None None None None None None 261 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91772,7 +91772,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None cfc58944e3181521dc3a9ec917dcb54d7a54ebbf3f0e8aaca7fec60a05485c63 /root/home.jsp None None None None None None None None None None 176 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None cfc58944e3181521dc3a9ec917dcb54d7a54ebbf3f0e8aaca7fec60a05485c63 /root/home.jsp None None None None None None None None None None 176 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91790,7 +91790,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None cfc58944e3181521dc3a9ec917dcb54d7a54ebbf3f0e8aaca7fec60a05485c63 /root/home.jsp None None None None None None None None None None 44 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (home.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=715](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=715)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=716](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=716)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=717](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=717)\n\n**Line Number:** 39\n**Column:** 373\n**Source Object:** e\n**Number:** 39\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 41\n**Column:** 390\n**Source Object:** e\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 41\n**Column:** 364\n**Source Object:** println\n**Number:** 41\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None cfc58944e3181521dc3a9ec917dcb54d7a54ebbf3f0e8aaca7fec60a05485c63 /root/home.jsp None None None None None None None None None None 44 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91808,7 +91808,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None af0420cc3c001e6a1c65aceb86644080bcdb3f08b6be7cfc96a3bb3e20685afb /root/login.jsp None None None None None None None None None None 256 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None af0420cc3c001e6a1c65aceb86644080bcdb3f08b6be7cfc96a3bb3e20685afb /root/login.jsp None None None None None None None None None None 256 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91826,7 +91826,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None af0420cc3c001e6a1c65aceb86644080bcdb3f08b6be7cfc96a3bb3e20685afb /root/login.jsp None None None None None None None None None None 124 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (login.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=718](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=718)\n\n**Line Number:** 60\n**Column:** 370\n**Source Object:** e\n**Number:** 60\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 63\n**Column:** 390\n**Source Object:** e\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 63\n**Column:** 364\n**Source Object:** println\n**Number:** 63\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None af0420cc3c001e6a1c65aceb86644080bcdb3f08b6be7cfc96a3bb3e20685afb /root/login.jsp None None None None None None None None None None 124 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91844,7 +91844,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 85b4b54f401f88fb286b6442b56fecb5922a025504207d94f5835e4b9e4c3d49 /root/product.jsp None None None None None None None None None None 136 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 85b4b54f401f88fb286b6442b56fecb5922a025504207d94f5835e4b9e4c3d49 /root/product.jsp None None None None None None None None None None 136 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91862,7 +91862,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 85b4b54f401f88fb286b6442b56fecb5922a025504207d94f5835e4b9e4c3d49 /root/product.jsp None None None None None None None None None None 268 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (product.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=719](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=719)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=720](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=720)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=721](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=721)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=722](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=722)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=723](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=723)\n\n**Line Number:** 95\n**Column:** 373\n**Source Object:** e\n**Number:** 95\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 98\n**Column:** 390\n**Source Object:** e\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 98\n**Column:** 364\n**Source Object:** println\n**Number:** 98\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 85b4b54f401f88fb286b6442b56fecb5922a025504207d94f5835e4b9e4c3d49 /root/product.jsp None None None None None None None None None None 268 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91880,7 +91880,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") \u003e= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 508298807b8bd2787b58a49d31bd3f056293c7656e8936eb2e478b3636fa5e19 /root/register.jsp None None None None None None None None None None 94 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") >= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 508298807b8bd2787b58a49d31bd3f056293c7656e8936eb2e478b3636fa5e19 /root/register.jsp None None None None None None None None None None 94 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91898,7 +91898,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") \u003e= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 508298807b8bd2787b58a49d31bd3f056293c7656e8936eb2e478b3636fa5e19 /root/register.jsp None None None None None None None None None None 226 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (register.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=724](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=724)\n\n**Line Number:** 64\n**Column:** 374\n**Source Object:** e\n**Number:** 64\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 65\n**Column:** 357\n**Source Object:** e\n**Number:** 65\n**Code:** if (e.getMessage().indexOf(\"Unique constraint violation\") >= 0) {\n-----\n**Line Number:** 70\n**Column:** 392\n**Source Object:** e\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 70\n**Column:** 366\n**Source Object:** println\n**Number:** 70\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 508298807b8bd2787b58a49d31bd3f056293c7656e8936eb2e478b3636fa5e19 /root/register.jsp None None None None None None None None None None 226 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91916,7 +91916,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 1c24c0fc04774515bc6dc38386250282055e0585ae71b405586b552ca04b31c9 /root/score.jsp None None None None None None None None None None 219 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 1c24c0fc04774515bc6dc38386250282055e0585ae71b405586b552ca04b31c9 /root/score.jsp None None None None None None None None None None 219 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91934,7 +91934,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 1c24c0fc04774515bc6dc38386250282055e0585ae71b405586b552ca04b31c9 /root/score.jsp None None None None None None None None None None 87 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (score.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=725](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=725)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=726](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=726)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=727](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=727)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=728](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=728)\n\n**Line Number:** 35\n**Column:** 373\n**Source Object:** e\n**Number:** 35\n**Code:** } catch (SQLException e) {\n-----\n**Line Number:** 37\n**Column:** 390\n**Source Object:** e\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 37\n**Column:** 364\n**Source Object:** println\n**Number:** 37\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 1c24c0fc04774515bc6dc38386250282055e0585ae71b405586b552ca04b31c9 /root/score.jsp None None None None None None None None None None 87 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91952,7 +91952,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 641ba17f6201ed5f40524a90c0e0fc03d8a4731528be567b639362cef3f20ef2 /root/search.jsp None None None None None None None None None None 107 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 641ba17f6201ed5f40524a90c0e0fc03d8a4731528be567b639362cef3f20ef2 /root/search.jsp None None None None None None None None None None 107 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91970,7 +91970,7 @@
   },
   {
     "fields": {
-      "content": "Information Exposure Through an Error Message (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 641ba17f6201ed5f40524a90c0e0fc03d8a4731528be567b639362cef3f20ef2 /root/search.jsp None None None None None None None None None None 239 N/A None BodgeIt ",
+      "content": "Information Exposure Through an Error Message (search.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=729](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=729)\n\n**Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.5 - Improper error handling,OWASP Top 10 2013;A5-Security Misconfiguration\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=730](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=730)\n\n**Line Number:** 55\n**Column:** 377\n**Source Object:** e\n**Number:** 55\n**Code:** } catch (Exception e) {\n-----\n**Line Number:** 58\n**Column:** 390\n**Source Object:** e\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n**Line Number:** 58\n**Column:** 364\n**Source Object:** println\n**Number:** 58\n**Code:** out.println(\"DEBUG System error: \" + e + \"\");\n-----\n N/A N/A None None  S3 None None 641ba17f6201ed5f40524a90c0e0fc03d8a4731528be567b639362cef3f20ef2 /root/search.jsp None None None None None None None None None None 239 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -91988,7 +91988,7 @@
   },
   {
     "fields": {
-      "content": "Missing X Frame Options (web.xml) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S3 None None 5fb0f064b2f7098c57e1115b391bf7a6eb57feae63c2848b916a5b79dccf66f3 /build/WEB-INF/web.xml None None None None None None None None None None 84 N/A None BodgeIt ",
+      "content": "Missing X Frame Options (web.xml) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S3 None None 5fb0f064b2f7098c57e1115b391bf7a6eb57feae63c2848b916a5b79dccf66f3 /build/WEB-INF/web.xml None None None None None None None None None None 84 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92006,7 +92006,7 @@
   },
   {
     "fields": {
-      "content": "Missing X Frame Options (web.xml) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84)\n\n N/A N/A None None  S3 None None 418f79f7a59a306d5e46aa4af1924b64200aed234ae994dcd66485eb30bbe869 /root/WEB-INF/web.xml None None None None None None None None None None 142 N/A None BodgeIt ",
+      "content": "Missing X Frame Options (web.xml) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84)\n\n N/A N/A None None  S3 None None 418f79f7a59a306d5e46aa4af1924b64200aed234ae994dcd66485eb30bbe869 /root/WEB-INF/web.xml None None None None None None None None None None 142 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92024,7 +92024,7 @@
   },
   {
     "fields": {
-      "content": "Missing X Frame Options (web.xml) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S3 None None 5fb0f064b2f7098c57e1115b391bf7a6eb57feae63c2848b916a5b79dccf66f3 /build/WEB-INF/web.xml None None None None None None None None None None 216 N/A None BodgeIt ",
+      "content": "Missing X Frame Options (web.xml) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=83](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=83)\n\n**Line Number:** 1\n**Column:** 301\n**Source Object:** CxXmlConfigClass419518315\n**Number:** 1\n**Code:** \n-----\n N/A N/A None None  S3 None None 5fb0f064b2f7098c57e1115b391bf7a6eb57feae63c2848b916a5b79dccf66f3 /build/WEB-INF/web.xml None None None None None None None None None None 216 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92042,7 +92042,7 @@
   },
   {
     "fields": {
-      "content": "Missing X Frame Options (web.xml) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=84)\n\n N/A N/A None None  S3 None None 418f79f7a59a306d5e46aa4af1924b64200aed234ae994dcd66485eb30bbe869 /root/WEB-INF/web.xml None None None None None None None None None None 10 N/A None BodgeIt ",
+      "content": "Missing X Frame Options (web.xml) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=84)\n\n N/A N/A None None  S3 None None 418f79f7a59a306d5e46aa4af1924b64200aed234ae994dcd66485eb30bbe869 /root/WEB-INF/web.xml None None None None None None None None None None 10 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92060,7 +92060,7 @@
   },
   {
     "fields": {
-      "content": "Not Using a Random IV With CBC Mode (AES.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n N/A N/A None None  S3 None None e5ac755dbe3bfd23995c8d5a99779d188440c9e573d79b44130d90468d41439c /src/com/thebodgeitstore/util/AES.java None None None None None None None None None None 153 N/A None BodgeIt ",
+      "content": "Not Using a Random IV With CBC Mode (AES.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n N/A N/A None None  S3 None None e5ac755dbe3bfd23995c8d5a99779d188440c9e573d79b44130d90468d41439c /src/com/thebodgeitstore/util/AES.java None None None None None None None None None None 153 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92078,7 +92078,7 @@
   },
   {
     "fields": {
-      "content": "Not Using a Random IV With CBC Mode (AES.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n N/A N/A None None  S3 None None e5ac755dbe3bfd23995c8d5a99779d188440c9e573d79b44130d90468d41439c /src/com/thebodgeitstore/util/AES.java None None None None None None None None None None 21 N/A None BodgeIt ",
+      "content": "Not Using a Random IV With CBC Mode (AES.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=1)\n\n**Line Number:** 96\n**Column:** 71\n**Source Object:** ivBytes\n**Number:** 96\n**Code:** cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(ivBytes));\n-----\n N/A N/A None None  S3 None None e5ac755dbe3bfd23995c8d5a99779d188440c9e573d79b44130d90468d41439c /src/com/thebodgeitstore/util/AES.java None None None None None None None None None None 21 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92096,7 +92096,7 @@
   },
   {
     "fields": {
-      "content": "Plaintext Storage in a Cookie (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None c81c73f4bd1bb970a016bd7e5f1979af8d05eac71f387b2da9bd4affcaf13f81 /root/basket.jsp None None None None None None None None None None 180 N/A None BodgeIt ",
+      "content": "Plaintext Storage in a Cookie (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None c81c73f4bd1bb970a016bd7e5f1979af8d05eac71f387b2da9bd4affcaf13f81 /root/basket.jsp None None None None None None None None None None 180 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92114,7 +92114,7 @@
   },
   {
     "fields": {
-      "content": "Plaintext Storage in a Cookie (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None c81c73f4bd1bb970a016bd7e5f1979af8d05eac71f387b2da9bd4affcaf13f81 /root/basket.jsp None None None None None None None None None None 48 N/A None BodgeIt ",
+      "content": "Plaintext Storage in a Cookie (basket.jsp) None None N/A Low **Category:** PCI DSS v3.1;PCI DSS (3.1) - 6.5.3 - Insecure cryptographic storage,OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=7)\n\n**Line Number:** 82\n**Column:** 364\n**Source Object:** \"\"\"\"\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 82\n**Column:** 353\n**Source Object:** basketId\n**Number:** 82\n**Code:** basketId = \"\" + rs.getInt(\"basketid\");\n-----\n**Line Number:** 84\n**Column:** 391\n**Source Object:** basketId\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None c81c73f4bd1bb970a016bd7e5f1979af8d05eac71f387b2da9bd4affcaf13f81 /root/basket.jsp None None None None None None None None None None 48 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92132,7 +92132,7 @@
   },
   {
     "fields": {
-      "content": "Race Condition Format Flaw (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\" + nf.format(pricetopay) + \"\");\n-----\n N/A N/A None None  S3 None None 3db6ca06969817d45acccd02c0ba65067c1e11e9d4d7c34c7301612e63b2f75a /root/basket.jsp None None None None None None None None None None 70 N/A None BodgeIt ",
+      "content": "Race Condition Format Flaw (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\" + nf.format(pricetopay) + \"\");\n-----\n N/A N/A None None  S3 None None 3db6ca06969817d45acccd02c0ba65067c1e11e9d4d7c34c7301612e63b2f75a /root/basket.jsp None None None None None None None None None None 70 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92150,7 +92150,7 @@
   },
   {
     "fields": {
-      "content": "Race Condition Format Flaw (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\" + nf.format(pricetopay) + \"\");\n-----\n N/A N/A None None  S3 None None 3db6ca06969817d45acccd02c0ba65067c1e11e9d4d7c34c7301612e63b2f75a /root/basket.jsp None None None None None None None None None None 202 N/A None BodgeIt ",
+      "content": "Race Condition Format Flaw (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=75](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=75)\n\n**Line Number:** 262\n**Column:** 399\n**Source Object:** format\n**Number:** 262\n**Code:** out.println(\"\" + nf.format(pricetopay) + \"\");\n-----\n N/A N/A None None  S3 None None 3db6ca06969817d45acccd02c0ba65067c1e11e9d4d7c34c7301612e63b2f75a /root/basket.jsp None None None None None None None None None None 202 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92168,7 +92168,7 @@
   },
   {
     "fields": {
-      "content": "Race Condition Format Flaw (product.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\" + nf.format(price) + \"\");\n-----\n N/A N/A None None  S3 None None b1306a4177b37bad4dbe763419df19ec56d7442262be5dfeff6d346b3b900ad1 /root/product.jsp None None None None None None None None None None 130 N/A None BodgeIt ",
+      "content": "Race Condition Format Flaw (product.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\" + nf.format(price) + \"\");\n-----\n N/A N/A None None  S3 None None b1306a4177b37bad4dbe763419df19ec56d7442262be5dfeff6d346b3b900ad1 /root/product.jsp None None None None None None None None None None 130 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92186,7 +92186,7 @@
   },
   {
     "fields": {
-      "content": "Race Condition Format Flaw (product.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\" + nf.format(price) + \"\");\n-----\n N/A N/A None None  S3 None None b1306a4177b37bad4dbe763419df19ec56d7442262be5dfeff6d346b3b900ad1 /root/product.jsp None None None None None None None None None None 262 N/A None BodgeIt ",
+      "content": "Race Condition Format Flaw (product.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=79](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=79)\n\n**Line Number:** 51\n**Column:** 400\n**Source Object:** format\n**Number:** 51\n**Code:** \"\" + nf.format(price) + \"\");\n-----\n N/A N/A None None  S3 None None b1306a4177b37bad4dbe763419df19ec56d7442262be5dfeff6d346b3b900ad1 /root/product.jsp None None None None None None None None None None 262 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92204,7 +92204,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n N/A N/A None None  S3 None None bae03653ab0823182626d77d8ba94f2fab26eccdde7bcb11ddd0fb8dee79d717 /root/basket.jsp None None None None None None None None None None 30 N/A None BodgeIt ",
+      "content": "Reliance on Cookies in a Decision (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n N/A N/A None None  S3 None None bae03653ab0823182626d77d8ba94f2fab26eccdde7bcb11ddd0fb8dee79d717 /root/basket.jsp None None None None None None None None None None 30 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92222,7 +92222,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n N/A N/A None None  S3 None None bae03653ab0823182626d77d8ba94f2fab26eccdde7bcb11ddd0fb8dee79d717 /root/basket.jsp None None None None None None None None None None 162 N/A None BodgeIt ",
+      "content": "Reliance on Cookies in a Decision (basket.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=31)\n\n**Line Number:** 38\n**Column:** 388\n**Source Object:** getCookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 360\n**Source Object:** cookies\n**Number:** 38\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 41\n**Column:** 373\n**Source Object:** cookies\n**Number:** 41\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 42\n**Column:** 392\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 42\n**Column:** 357\n**Source Object:** cookie\n**Number:** 42\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 43\n**Column:** 365\n**Source Object:** cookie\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 380\n**Source Object:** getValue\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 43\n**Column:** 354\n**Source Object:** basketId\n**Number:** 43\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 240\n**Column:** 440\n**Source Object:** basketId\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 380\n**Source Object:** prepareStatement\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 240\n**Column:** 352\n**Source Object:** stmt\n**Number:** 240\n**Code:** stmt = conn.prepareStatement(\"SELECT * FROM BasketContents, Products where basketid=\" + basketId +\n-----\n**Line Number:** 242\n**Column:** 357\n**Source Object:** stmt\n**Number:** 242\n**Code:** rs = stmt.executeQuery();\n-----\n**Line Number:** 280\n**Column:** 356\n**Source Object:** stmt\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n**Line Number:** 280\n**Column:** 361\n**Source Object:** !=\n**Number:** 280\n**Code:** if (stmt != null) {\n-----\n N/A N/A None None  S3 None None bae03653ab0823182626d77d8ba94f2fab26eccdde7bcb11ddd0fb8dee79d717 /root/basket.jsp None None None None None None None None None None 162 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92240,7 +92240,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (login.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None 11b43c1ce56100d6a92b74b27d6e6901f3822b44c4b6e8437a7622f71c3a58a9 /root/login.jsp None None None None None None None None None None 109 N/A None BodgeIt ",
+      "content": "Reliance on Cookies in a Decision (login.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None 11b43c1ce56100d6a92b74b27d6e6901f3822b44c4b6e8437a7622f71c3a58a9 /root/login.jsp None None None None None None None None None None 109 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92258,7 +92258,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (login.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None 11b43c1ce56100d6a92b74b27d6e6901f3822b44c4b6e8437a7622f71c3a58a9 /root/login.jsp None None None None None None None None None None 241 N/A None BodgeIt ",
+      "content": "Reliance on Cookies in a Decision (login.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=32)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=33)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=34)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=35)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=36)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=37)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=38)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=39)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=40)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=41)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=42)\n\n**Line Number:** 35\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 35\n**Column:** 362\n**Source Object:** cookies\n**Number:** 35\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 38\n**Column:** 375\n**Source Object:** cookies\n**Number:** 38\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 39\n**Column:** 394\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 39\n**Column:** 359\n**Source Object:** cookie\n**Number:** 39\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 40\n**Column:** 367\n**Source Object:** cookie\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 382\n**Source Object:** getValue\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 40\n**Column:** 356\n**Source Object:** basketId\n**Number:** 40\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 45\n**Column:** 357\n**Source Object:** basketId\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 45\n**Column:** 366\n**Source Object:** !=\n**Number:** 45\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None 11b43c1ce56100d6a92b74b27d6e6901f3822b44c4b6e8437a7622f71c3a58a9 /root/login.jsp None None None None None None None None None None 241 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92276,7 +92276,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (register.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None 84c57ed3e3723016b9425c8549bd0faab967538a59e072c2dc5c85974a72bf41 /root/register.jsp None None None None None None None None None None 221 N/A None BodgeIt ",
+      "content": "Reliance on Cookies in a Decision (register.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None 84c57ed3e3723016b9425c8549bd0faab967538a59e072c2dc5c85974a72bf41 /root/register.jsp None None None None None None None None None None 221 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92294,7 +92294,7 @@
   },
   {
     "fields": {
-      "content": "Reliance on Cookies in a Decision (register.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") \u0026\u0026 cookie.getValue().length() \u003e 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None 84c57ed3e3723016b9425c8549bd0faab967538a59e072c2dc5c85974a72bf41 /root/register.jsp None None None None None None None None None None 89 N/A None BodgeIt ",
+      "content": "Reliance on Cookies in a Decision (register.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=43)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=44)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=45)\n\n**Line Number:** 46\n**Column:** 390\n**Source Object:** getCookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 46\n**Column:** 362\n**Source Object:** cookies\n**Number:** 46\n**Code:** Cookie[] cookies = request.getCookies();\n-----\n**Line Number:** 49\n**Column:** 375\n**Source Object:** cookies\n**Number:** 49\n**Code:** for (Cookie cookie : cookies) {\n-----\n**Line Number:** 50\n**Column:** 394\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 50\n**Column:** 359\n**Source Object:** cookie\n**Number:** 50\n**Code:** if (cookie.getName().equals(\"b_id\") && cookie.getValue().length() > 0) {\n-----\n**Line Number:** 51\n**Column:** 367\n**Source Object:** cookie\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 382\n**Source Object:** getValue\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 51\n**Column:** 356\n**Source Object:** basketId\n**Number:** 51\n**Code:** basketId = cookie.getValue();\n-----\n**Line Number:** 56\n**Column:** 357\n**Source Object:** basketId\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n**Line Number:** 56\n**Column:** 366\n**Source Object:** !=\n**Number:** 56\n**Code:** if (basketId != null) {\n-----\n N/A N/A None None  S3 None None 84c57ed3e3723016b9425c8549bd0faab967538a59e072c2dc5c85974a72bf41 /root/register.jsp None None None None None None None None None None 89 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92312,7 +92312,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (basket.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None 7d988ddc1b32f65ada9bd17516943b28e33458ea570ce92843bdb49e7a7e22fb /root/basket.jsp None None None None None None None None None None 218 N/A None BodgeIt ",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (basket.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None 7d988ddc1b32f65ada9bd17516943b28e33458ea570ce92843bdb49e7a7e22fb /root/basket.jsp None None None None None None None None None None 218 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92330,7 +92330,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (basket.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None 7d988ddc1b32f65ada9bd17516943b28e33458ea570ce92843bdb49e7a7e22fb /root/basket.jsp None None None None None None None None None None 86 N/A None BodgeIt ",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (basket.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=445)\n\n**Line Number:** 84\n**Column:** 372\n**Source Object:** Cookie\n**Number:** 84\n**Code:** response.addCookie(new Cookie(\"b_id\", basketId));\n-----\n N/A N/A None None  S3 None None 7d988ddc1b32f65ada9bd17516943b28e33458ea570ce92843bdb49e7a7e22fb /root/basket.jsp None None None None None None None None None None 86 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92348,7 +92348,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (login.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None 0441fee04d6e24c168f5b4b567cc31174f464330f27638f83f80ee87d0d3dc03 /root/login.jsp None None None None None None None None None None 37 N/A None BodgeIt ",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (login.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None 0441fee04d6e24c168f5b4b567cc31174f464330f27638f83f80ee87d0d3dc03 /root/login.jsp None None None None None None None None None None 37 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92366,7 +92366,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (login.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None 0441fee04d6e24c168f5b4b567cc31174f464330f27638f83f80ee87d0d3dc03 /root/login.jsp None None None None None None None None None None 169 N/A None BodgeIt ",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (login.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=446)\n\n**Line Number:** 56\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 56\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None 0441fee04d6e24c168f5b4b567cc31174f464330f27638f83f80ee87d0d3dc03 /root/login.jsp None None None None None None None None None None 169 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92384,7 +92384,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (register.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None ebfe755d6f8f91724d9d8a0672c12dce0200f818bce80b7fcaab30987b124a99 /root/register.jsp None None None None None None None None None None 128 N/A None BodgeIt ",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (register.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None ebfe755d6f8f91724d9d8a0672c12dce0200f818bce80b7fcaab30987b124a99 /root/register.jsp None None None None None None None None None None 128 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92402,7 +92402,7 @@
   },
   {
     "fields": {
-      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (register.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None ebfe755d6f8f91724d9d8a0672c12dce0200f818bce80b7fcaab30987b124a99 /root/register.jsp None None None None None None None None None None 260 N/A None BodgeIt ",
+      "content": "Sensitive Cookie in HTTPS Session Without Secure Attribute (register.jsp) None None N/A Low **Category:** OWASP Top 10 2013;A6-Sensitive Data Exposure\n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=447)\n\n**Line Number:** 61\n**Column:** 373\n**Source Object:** Cookie\n**Number:** 61\n**Code:** response.addCookie(new Cookie(\"b_id\", \"\"));\n-----\n N/A N/A None None  S3 None None ebfe755d6f8f91724d9d8a0672c12dce0200f818bce80b7fcaab30987b124a99 /root/register.jsp None None None None None None None None None None 260 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92420,7 +92420,7 @@
   },
   {
     "fields": {
-      "content": "Stored Boundary Violation (login.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S3 None None b0de3516ab323f5577e6ad94803e2ddf541214bbae868bf34e828ba3a4d966ca /root/login.jsp None None None None None None None None None None 23 N/A None BodgeIt ",
+      "content": "Stored Boundary Violation (login.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S3 None None b0de3516ab323f5577e6ad94803e2ddf541214bbae868bf34e828ba3a4d966ca /root/login.jsp None None None None None None None None None None 23 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92438,7 +92438,7 @@
   },
   {
     "fields": {
-      "content": "Stored Boundary Violation (login.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S3 None None b0de3516ab323f5577e6ad94803e2ddf541214bbae868bf34e828ba3a4d966ca /root/login.jsp None None None None None None None None None None 155 N/A None BodgeIt ",
+      "content": "Stored Boundary Violation (login.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Stored\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=72)\n\n**Line Number:** 15\n**Column:** 374\n**Source Object:** executeQuery\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 15\n**Column:** 352\n**Source Object:** rs\n**Number:** 15\n**Code:** rs = stmt.executeQuery(\"SELECT * FROM Users WHERE (name = '\" + username + \"' AND password = '\" + password + \"')\");\n-----\n**Line Number:** 16\n**Column:** 356\n**Source Object:** rs\n**Number:** 16\n**Code:** if (rs.next()) {\n-----\n**Line Number:** 21\n**Column:** 374\n**Source Object:** rs\n**Number:** 21\n**Code:** String userid = \"\" + rs.getInt(\"userid\");\n-----\n**Line Number:** 22\n**Column:** 386\n**Source Object:** rs\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n**Line Number:** 22\n**Column:** 398\n**Source Object:** getString\n**Number:** 22\n**Code:** session.setAttribute(\"username\", rs.getString(\"name\"));\n-----\n N/A N/A None None  S3 None None b0de3516ab323f5577e6ad94803e2ddf541214bbae868bf34e828ba3a4d966ca /root/login.jsp None None None None None None None None None None 155 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92456,7 +92456,7 @@
   },
   {
     "fields": {
-      "content": "Suspected XSS (contact.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S3 None None cecce89612fa88ff6270b822a8840911536f983c5ab580f5e7df0ec93a95884a /root/contact.jsp None None None None None None None None None None 205 N/A None BodgeIt ",
+      "content": "Suspected XSS (contact.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S3 None None cecce89612fa88ff6270b822a8840911536f983c5ab580f5e7df0ec93a95884a /root/contact.jsp None None None None None None None None None None 205 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92474,7 +92474,7 @@
   },
   {
     "fields": {
-      "content": "Suspected XSS (contact.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S3 None None cecce89612fa88ff6270b822a8840911536f983c5ab580f5e7df0ec93a95884a /root/contact.jsp None None None None None None None None None None 73 N/A None BodgeIt ",
+      "content": "Suspected XSS (contact.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=314](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=314)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=315](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=315)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=316](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=316)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=317](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=317)\n\n**Line Number:** 7\n**Column:** 357\n**Source Object:** username\n**Number:** 7\n**Code:** String username = (String) session.getAttribute(\"username\");\n-----\n**Line Number:** 89\n**Column:** 356\n**Source Object:** username\n**Number:** 89\n**Code:** \n-----\n N/A N/A None None  S3 None None cecce89612fa88ff6270b822a8840911536f983c5ab580f5e7df0ec93a95884a /root/contact.jsp None None None None None None None None None None 73 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92492,7 +92492,7 @@
   },
   {
     "fields": {
-      "content": "Suspected XSS (password.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** \u003c%=username%\u003e\n-----\n N/A N/A None None  S3 None None ff922242dd15286d81f09888a33ad571eca598b615bf4d4b9024af17df42bc17 /root/password.jsp None None None None None None None None None None 171 N/A None BodgeIt ",
+      "content": "Suspected XSS (password.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** <%=username%>\n-----\n N/A N/A None None  S3 None None ff922242dd15286d81f09888a33ad571eca598b615bf4d4b9024af17df42bc17 /root/password.jsp None None None None None None None None None None 171 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92510,7 +92510,7 @@
   },
   {
     "fields": {
-      "content": "Suspected XSS (password.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid;=44\u0026pathid;=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** \u003c%=username%\u003e\n-----\n N/A N/A None None  S3 None None ff922242dd15286d81f09888a33ad571eca598b615bf4d4b9024af17df42bc17 /root/password.jsp None None None None None None None None None None 39 N/A None BodgeIt ",
+      "content": "Suspected XSS (password.jsp) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=318](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=318)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=319](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=319)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=320](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=320)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=321](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=321)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=322](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=322)\n\n**Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=323](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid;=44&pathid;=323)\n\n**Line Number:** 57\n**Column:** 360\n**Source Object:** username\n**Number:** 57\n**Code:** <%=username%>\n-----\n N/A N/A None None  S3 None None ff922242dd15286d81f09888a33ad571eca598b615bf4d4b9024af17df42bc17 /root/password.jsp None None None None None None None None None None 39 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92528,7 +92528,7 @@
   },
   {
     "fields": {
-      "content": "Unsynchronized Access to Shared Data (AdvancedSearch.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n N/A N/A None None  S3 None None dc13f474e6f512cb31374bfa4658ce7a866d6b832d40742e784ef14f6513ab87 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 243 N/A None BodgeIt ",
+      "content": "Unsynchronized Access to Shared Data (AdvancedSearch.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n N/A N/A None None  S3 None None dc13f474e6f512cb31374bfa4658ce7a866d6b832d40742e784ef14f6513ab87 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 243 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92546,7 +92546,7 @@
   },
   {
     "fields": {
-      "content": "Unsynchronized Access to Shared Data (AdvancedSearch.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074\u0026projectid=44\u0026pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n N/A N/A None None  S3 None None dc13f474e6f512cb31374bfa4658ce7a866d6b832d40742e784ef14f6513ab87 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 111 N/A None BodgeIt ",
+      "content": "Unsynchronized Access to Shared Data (AdvancedSearch.java) None None N/A Low **Category:** \n**Language:** Java\n**Group:** Java Low Visibility\n**Status:** New\n**Finding Link:** [https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8](https://code.checkmarx.io/CxWebClient/ViewerMain.aspx?scanid=1000074&projectid=44&pathid=8)\n\n**Line Number:** 93\n**Column:** 24\n**Source Object:** jsonEmpty\n**Number:** 93\n**Code:** return this.jsonEmpty;\n-----\n N/A N/A None None  S3 None None dc13f474e6f512cb31374bfa4658ce7a866d6b832d40742e784ef14f6513ab87 /src/com/thebodgeitstore/search/AdvancedSearch.java None None None None None None None None None None 111 N/A None BodgeIt ",
       "content_type": [
         "dojo",
         "finding"
@@ -92960,7 +92960,7 @@
   },
   {
     "fields": {
-      "content": "Apple Accounting Software Accounting software is typically composed of various modules, different sections dealing with particular areas of accounting. Among the most common are:\r\n\r\n**Core modules**\r\n\r\n* Accounts receivable—where the company enters money received\r\n* Accounts payable—where the company enters its bills and pays money it owes\r\n* General ledger—the company's \"books\"\r\n* Billing—where the company produces invoices to clients/customers high web production purchased 3 Billing",
+      "content": "Apple Accounting Software Accounting software is typically composed of various modules, different sections dealing with particular areas of accounting. Among the most common are:\r\n\r\n**Core modules**\r\n\r\n* Accounts receivable\u2014where the company enters money received\r\n* Accounts payable\u2014where the company enters its bills and pays money it owes\r\n* General ledger\u2014the company's \"books\"\r\n* Billing\u2014where the company produces invoices to clients/customers high web production purchased 3 Billing",
       "content_type": [
         "dojo",
         "product"
@@ -93348,4 +93348,4 @@
     "model": "authtoken.token",
     "pk": "6d45bc1d2e5cea8c4559edd68f910cc485f61708"
   }
-]
+]
\ No newline at end of file